diff --git a/provider/cmd/pulumi-resource-vault/schema.json b/provider/cmd/pulumi-resource-vault/schema.json index 64281ee22..12a6027f1 100644 --- a/provider/cmd/pulumi-resource-vault/schema.json +++ b/provider/cmd/pulumi-resource-vault/schema.json @@ -2058,7 +2058,7 @@ }, "containedDb": { "type": "boolean", - "description": "For Vault v1.9+. Set to true when the target is a\nContained Database, e.g. AzureSQL.\nSee [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)\n" + "description": "For Vault v1.9+. Set to true when the target is a\nContained Database, e.g. AzureSQL. \nSee [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)\n" }, "data": { "type": "object", @@ -4097,7 +4097,7 @@ "properties": { "cps": { "type": "string", - "description": "The URL of the CPS for the policy identifier\n\nExample usage:\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRole;\nimport com.pulumi.vault.pkiSecret.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(pki.path())\n .ttl(3600)\n .allowIpSans(true)\n .keyType(\"rsa\")\n .keyBits(4096)\n .allowedDomains( \n \"example.com\",\n \"my.domain\")\n .allowSubdomains(true)\n .policyIdentifiers( \n Map.ofEntries(\n Map.entry(\"oid\", \"1.3.6.1.4.1.7.8\"),\n Map.entry(\"notice\", \"I am a user Notice\")\n ),\n Map.ofEntries(\n Map.entry(\"oid\", \"1.3.6.1.4.1.44947.1.2.4\"),\n Map.entry(\"cps\", \"https://example.com\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n role:\n type: vault:pkiSecret:SecretBackendRole\n properties:\n backend: ${pki.path}\n ttl: 3600\n allowIpSans: true\n keyType: rsa\n keyBits: 4096\n allowedDomains:\n - example.com\n - my.domain\n allowSubdomains: true\n policyIdentifiers:\n - oid: 1.3.6.1.4.1.7.8\n notice: I am a user Notice\n - oid: 1.3.6.1.4.1.44947.1.2.4\n cps: https://example.com\n```\n" + "description": "The URL of the CPS for the policy identifier\n\nExample usage:\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRole;\nimport com.pulumi.vault.pkiSecret.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(pki.path())\n .ttl(3600)\n .allowIpSans(true)\n .keyType(\"rsa\")\n .keyBits(4096)\n .allowedDomains( \n \"example.com\",\n \"my.domain\")\n .allowSubdomains(true)\n .policyIdentifiers( \n Map.ofEntries(\n Map.entry(\"oid\", \"1.3.6.1.4.1.7.8\"),\n Map.entry(\"notice\", \"I am a user Notice\")\n ),\n Map.ofEntries(\n Map.entry(\"oid\", \"1.3.6.1.4.1.44947.1.2.4\"),\n Map.entry(\"cps\", \"https://example.com\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n role:\n type: vault:pkiSecret:SecretBackendRole\n properties:\n backend: ${pki.path}\n ttl: 3600\n allowIpSans: true\n keyType: rsa\n keyBits: 4096\n allowedDomains:\n - example.com\n - my.domain\n allowSubdomains: true\n policyIdentifiers:\n - oid: 1.3.6.1.4.1.7.8\n notice: I am a user Notice\n - oid: 1.3.6.1.4.1.44947.1.2.4\n cps: https://example.com\n```\n" }, "notice": { "type": "string", @@ -4184,7 +4184,7 @@ }, "type": { "type": "string", - "description": "The SSH public key type. \n*Supported key types are:*\n`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,\n`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`\n" + "description": "The SSH public key type. \n*Supported key types are:* \n`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,\n`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`\n" } }, "type": "object", @@ -6116,7 +6116,7 @@ }, "useStsRegionFromClient": { "type": "boolean", - "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" + "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different \nregions and want flexibility in which regional STS API is used.\n" } }, "required": [ @@ -6165,7 +6165,7 @@ }, "useStsRegionFromClient": { "type": "boolean", - "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" + "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different \nregions and want flexibility in which regional STS API is used.\n" } }, "stateInputs": { @@ -6213,7 +6213,7 @@ }, "useStsRegionFromClient": { "type": "boolean", - "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" + "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different \nregions and want flexibility in which regional STS API is used.\n" } }, "type": "object" @@ -7642,7 +7642,7 @@ }, "permissionsBoundaryArn": { "type": "string", - "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" + "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when \n`credential_type` is `iam_user`. If not specified, then no permissions boundary \npolicy will be attached.\n" }, "policyArns": { "type": "array", @@ -7711,7 +7711,7 @@ }, "permissionsBoundaryArn": { "type": "string", - "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" + "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when \n`credential_type` is `iam_user`. If not specified, then no permissions boundary \npolicy will be attached.\n" }, "policyArns": { "type": "array", @@ -7780,7 +7780,7 @@ }, "permissionsBoundaryArn": { "type": "string", - "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" + "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when \n`credential_type` is `iam_user`. If not specified, then no permissions boundary \npolicy will be attached.\n" }, "policyArns": { "type": "array", @@ -8333,12 +8333,12 @@ "properties": { "clientId": { "type": "string", - "description": "The OAuth2 client id to connect to Azure.\n", + "description": "(`string:\"\"`) - The OAuth2 client id to connect to Azure.\n", "secret": true }, "clientSecret": { "type": "string", - "description": "The OAuth2 client secret to connect to Azure.\n", + "description": "(`string:\"\"`) - The OAuth2 client secret to connect to Azure.\n", "secret": true }, "description": { @@ -8351,7 +8351,7 @@ }, "environment": { "type": "string", - "description": "The Azure environment.\n" + "description": "(`string:\"\"`) - The Azure environment.\n" }, "namespace": { "type": "string", @@ -8359,21 +8359,21 @@ }, "path": { "type": "string", - "description": "The unique path this backend should be mounted at. Defaults to `azure`.\n" + "description": "(`string: \u003coptional\u003e`) - The unique path this backend should be mounted at. Defaults to `azure`.\n" }, "subscriptionId": { "type": "string", - "description": "The subscription id for the Azure Active Directory.\n", + "description": "(`string: \u003crequired\u003e`) - The subscription id for the Azure Active Directory.\n", "secret": true }, "tenantId": { "type": "string", - "description": "The tenant id for the Azure Active Directory.\n", + "description": "(`string: \u003crequired\u003e`) - The tenant id for the Azure Active Directory.\n", "secret": true }, "useMicrosoftGraphApi": { "type": "boolean", - "description": "Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" + "description": "(`bool: \u003coptional\u003e`) - Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. \nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" } }, "required": [ @@ -8384,12 +8384,12 @@ "inputProperties": { "clientId": { "type": "string", - "description": "The OAuth2 client id to connect to Azure.\n", + "description": "(`string:\"\"`) - The OAuth2 client id to connect to Azure.\n", "secret": true }, "clientSecret": { "type": "string", - "description": "The OAuth2 client secret to connect to Azure.\n", + "description": "(`string:\"\"`) - The OAuth2 client secret to connect to Azure.\n", "secret": true }, "description": { @@ -8402,7 +8402,7 @@ }, "environment": { "type": "string", - "description": "The Azure environment.\n" + "description": "(`string:\"\"`) - The Azure environment.\n" }, "namespace": { "type": "string", @@ -8411,22 +8411,22 @@ }, "path": { "type": "string", - "description": "The unique path this backend should be mounted at. Defaults to `azure`.\n" + "description": "(`string: \u003coptional\u003e`) - The unique path this backend should be mounted at. Defaults to `azure`.\n" }, "subscriptionId": { "type": "string", - "description": "The subscription id for the Azure Active Directory.\n", + "description": "(`string: \u003crequired\u003e`) - The subscription id for the Azure Active Directory.\n", "secret": true, "willReplaceOnChanges": true }, "tenantId": { "type": "string", - "description": "The tenant id for the Azure Active Directory.\n", + "description": "(`string: \u003crequired\u003e`) - The tenant id for the Azure Active Directory.\n", "secret": true }, "useMicrosoftGraphApi": { "type": "boolean", - "description": "Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" + "description": "(`bool: \u003coptional\u003e`) - Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. \nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" } }, "requiredInputs": [ @@ -8438,12 +8438,12 @@ "properties": { "clientId": { "type": "string", - "description": "The OAuth2 client id to connect to Azure.\n", + "description": "(`string:\"\"`) - The OAuth2 client id to connect to Azure.\n", "secret": true }, "clientSecret": { "type": "string", - "description": "The OAuth2 client secret to connect to Azure.\n", + "description": "(`string:\"\"`) - The OAuth2 client secret to connect to Azure.\n", "secret": true }, "description": { @@ -8456,7 +8456,7 @@ }, "environment": { "type": "string", - "description": "The Azure environment.\n" + "description": "(`string:\"\"`) - The Azure environment.\n" }, "namespace": { "type": "string", @@ -8465,22 +8465,22 @@ }, "path": { "type": "string", - "description": "The unique path this backend should be mounted at. Defaults to `azure`.\n" + "description": "(`string: \u003coptional\u003e`) - The unique path this backend should be mounted at. Defaults to `azure`.\n" }, "subscriptionId": { "type": "string", - "description": "The subscription id for the Azure Active Directory.\n", + "description": "(`string: \u003crequired\u003e`) - The subscription id for the Azure Active Directory.\n", "secret": true, "willReplaceOnChanges": true }, "tenantId": { "type": "string", - "description": "The tenant id for the Azure Active Directory.\n", + "description": "(`string: \u003crequired\u003e`) - The tenant id for the Azure Active Directory.\n", "secret": true }, "useMicrosoftGraphApi": { "type": "boolean", - "description": "Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" + "description": "(`bool: \u003coptional\u003e`) - Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. \nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" } }, "type": "object" @@ -11503,7 +11503,7 @@ }, "disableDelete": { "type": "boolean", - "description": "- (Optional) True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" + "description": "True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" }, "disableRead": { "type": "boolean", @@ -11511,7 +11511,7 @@ }, "ignoreAbsentFields": { "type": "boolean", - "description": "- (Optional) True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" + "description": "True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" }, "namespace": { "type": "string", @@ -11537,7 +11537,7 @@ "items": { "type": "string" }, - "description": "- (Optional). A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" + "description": ". A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" } }, "required": [ @@ -11554,7 +11554,7 @@ }, "disableDelete": { "type": "boolean", - "description": "- (Optional) True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" + "description": "True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" }, "disableRead": { "type": "boolean", @@ -11562,7 +11562,7 @@ }, "ignoreAbsentFields": { "type": "boolean", - "description": "- (Optional) True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" + "description": "True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" }, "namespace": { "type": "string", @@ -11579,7 +11579,7 @@ "items": { "type": "string" }, - "description": "- (Optional). A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" + "description": ". A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" } }, "requiredInputs": [ @@ -11596,7 +11596,7 @@ }, "disableDelete": { "type": "boolean", - "description": "- (Optional) True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" + "description": "True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" }, "disableRead": { "type": "boolean", @@ -11604,7 +11604,7 @@ }, "ignoreAbsentFields": { "type": "boolean", - "description": "- (Optional) True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" + "description": "True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" }, "namespace": { "type": "string", @@ -11632,7 +11632,7 @@ "items": { "type": "string" }, - "description": "- (Optional). A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" + "description": ". A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" } }, "type": "object" @@ -12826,7 +12826,7 @@ "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present\nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present \nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" }, "groupId": { "type": "string", @@ -12850,7 +12850,7 @@ "inputProperties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present\nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present \nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" }, "groupId": { "type": "string", @@ -12878,7 +12878,7 @@ "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present\nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present \nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" }, "groupId": { "type": "string", @@ -14996,7 +14996,7 @@ "items": { "type": "string" }, - "description": ": A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" + "description": "A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" }, "requiredExtensions": { "type": "array", @@ -15158,7 +15158,7 @@ "items": { "type": "string" }, - "description": ": A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" + "description": "A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" }, "requiredExtensions": { "type": "array", @@ -15310,7 +15310,7 @@ "items": { "type": "string" }, - "description": ": A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" + "description": "A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" }, "requiredExtensions": { "type": "array", @@ -15626,7 +15626,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" + "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`. \nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" } }, "required": [ @@ -15674,7 +15674,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`. \nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -15724,7 +15724,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`. \nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -15780,7 +15780,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" + "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`. \nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" } }, "required": [ @@ -15818,7 +15818,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`. \nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -15879,7 +15879,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`. \nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -17926,7 +17926,7 @@ }, "namespaceInState": { "type": "boolean", - "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" + "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "oidcClientId": { "type": "string", @@ -18030,7 +18030,7 @@ }, "namespaceInState": { "type": "boolean", - "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" + "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "oidcClientId": { "type": "string", @@ -18137,7 +18137,7 @@ }, "namespaceInState": { "type": "boolean", - "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" + "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "oidcClientId": { "type": "string", @@ -18324,7 +18324,7 @@ }, "userClaimJsonPointer": { "type": "boolean", - "description": "Specifies if the `user_claim` value uses\n[JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer)\nsyntax for referencing claims. By default, the `user_claim` value will not use JSON pointer.\nRequires Vault 1.11+.\n" + "description": "Specifies if the `user_claim` value uses\n[JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) \nsyntax for referencing claims. By default, the `user_claim` value will not use JSON pointer.\nRequires Vault 1.11+.\n" }, "verboseOidcLogging": { "type": "boolean", @@ -18473,7 +18473,7 @@ }, "userClaimJsonPointer": { "type": "boolean", - "description": "Specifies if the `user_claim` value uses\n[JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer)\nsyntax for referencing claims. By default, the `user_claim` value will not use JSON pointer.\nRequires Vault 1.11+.\n" + "description": "Specifies if the `user_claim` value uses\n[JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) \nsyntax for referencing claims. By default, the `user_claim` value will not use JSON pointer.\nRequires Vault 1.11+.\n" }, "verboseOidcLogging": { "type": "boolean", @@ -18622,7 +18622,7 @@ }, "userClaimJsonPointer": { "type": "boolean", - "description": "Specifies if the `user_claim` value uses\n[JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer)\nsyntax for referencing claims. By default, the `user_claim` value will not use JSON pointer.\nRequires Vault 1.11+.\n" + "description": "Specifies if the `user_claim` value uses\n[JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) \nsyntax for referencing claims. By default, the `user_claim` value will not use JSON pointer.\nRequires Vault 1.11+.\n" }, "verboseOidcLogging": { "type": "boolean", @@ -19663,11 +19663,11 @@ }, "kubernetesCaCert": { "type": "string", - "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" + "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local \npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" }, "kubernetesHost": { "type": "string", - "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" + "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` \nare not set on the host that Vault is running on.\n" }, "local": { "type": "boolean", @@ -19698,7 +19698,7 @@ }, "serviceAccountJwt": { "type": "string", - "description": "The JSON web token of the service account used by the\nsecrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault\nis running in Kubernetes.\n", + "description": "The JSON web token of the service account used by the\nsecrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault \nis running in Kubernetes.\n", "secret": true } }, @@ -19753,11 +19753,11 @@ }, "kubernetesCaCert": { "type": "string", - "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" + "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local \npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" }, "kubernetesHost": { "type": "string", - "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" + "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` \nare not set on the host that Vault is running on.\n" }, "local": { "type": "boolean", @@ -19791,7 +19791,7 @@ }, "serviceAccountJwt": { "type": "string", - "description": "The JSON web token of the service account used by the\nsecrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault\nis running in Kubernetes.\n", + "description": "The JSON web token of the service account used by the\nsecrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault \nis running in Kubernetes.\n", "secret": true } }, @@ -19846,11 +19846,11 @@ }, "kubernetesCaCert": { "type": "string", - "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" + "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local \npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" }, "kubernetesHost": { "type": "string", - "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" + "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` \nare not set on the host that Vault is running on.\n" }, "local": { "type": "boolean", @@ -19884,7 +19884,7 @@ }, "serviceAccountJwt": { "type": "string", - "description": "The JSON web token of the service account used by the\nsecrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault\nis running in Kubernetes.\n", + "description": "The JSON web token of the service account used by the\nsecrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault \nis running in Kubernetes.\n", "secret": true } }, @@ -19921,11 +19921,11 @@ }, "generatedRoleRules": { "type": "string", - "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" + "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` \nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated \nwhen credentials are requested.\n" }, "kubernetesRoleName": { "type": "string", - "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" + "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and \n`generated_role_rules`. If set, Kubernetes token, service account, and role \nbinding objects will be created when credentials are requested.\n" }, "kubernetesRoleType": { "type": "string", @@ -19990,11 +19990,11 @@ }, "generatedRoleRules": { "type": "string", - "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" + "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` \nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated \nwhen credentials are requested.\n" }, "kubernetesRoleName": { "type": "string", - "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" + "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and \n`generated_role_rules`. If set, Kubernetes token, service account, and role \nbinding objects will be created when credentials are requested.\n" }, "kubernetesRoleType": { "type": "string", @@ -20062,11 +20062,11 @@ }, "generatedRoleRules": { "type": "string", - "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" + "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` \nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated \nwhen credentials are requested.\n" }, "kubernetesRoleName": { "type": "string", - "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" + "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and \n`generated_role_rules`. If set, Kubernetes token, service account, and role \nbinding objects will be created when credentials are requested.\n" }, "kubernetesRoleType": { "type": "string", @@ -24286,7 +24286,7 @@ }, "keyBits": { "type": "integer", - "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n" + "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), \n384, or 521; ignored with `key_type=ed25519`.\n" }, "keyId": { "type": "string", @@ -24332,7 +24332,7 @@ }, "keyBits": { "type": "integer", - "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n", + "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), \n384, or 521; ignored with `key_type=ed25519`.\n", "willReplaceOnChanges": true }, "keyName": { @@ -24377,7 +24377,7 @@ }, "keyBits": { "type": "integer", - "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n", + "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), \n384, or 521; ignored with `key_type=ed25519`.\n", "willReplaceOnChanges": true }, "keyId": { @@ -26772,7 +26772,7 @@ }, "verboseLogging": { "type": "boolean", - "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not\nrecommended for production.\n" + "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not \nrecommended for production.\n" } }, "required": [ @@ -26828,7 +26828,7 @@ }, "verboseLogging": { "type": "boolean", - "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not\nrecommended for production.\n" + "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not \nrecommended for production.\n" } }, "requiredInputs": [ @@ -26885,7 +26885,7 @@ }, "verboseLogging": { "type": "boolean", - "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not\nrecommended for production.\n" + "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not \nrecommended for production.\n" } }, "type": "object" @@ -27297,14 +27297,14 @@ "items": { "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" }, - "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times. \n*See Configuration-Options for more info*\n" }, "allowedUserKeyLengths": { "type": "object", "additionalProperties": { "type": "integer" }, - "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type.\n*Deprecated: use* allowed_user_key_config *instead*\n", + "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type. \n*Deprecated: use* allowed_user_key_config *instead*\n", "deprecationMessage": "Set in allowed_user_key_config" }, "allowedUsers": { @@ -27430,14 +27430,14 @@ "items": { "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" }, - "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times. \n*See Configuration-Options for more info*\n" }, "allowedUserKeyLengths": { "type": "object", "additionalProperties": { "type": "integer" }, - "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type.\n*Deprecated: use* allowed_user_key_config *instead*\n", + "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type. \n*Deprecated: use* allowed_user_key_config *instead*\n", "deprecationMessage": "Set in allowed_user_key_config" }, "allowedUsers": { @@ -27562,14 +27562,14 @@ "items": { "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" }, - "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times. \n*See Configuration-Options for more info*\n" }, "allowedUserKeyLengths": { "type": "object", "additionalProperties": { "type": "integer" }, - "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type.\n*Deprecated: use* allowed_user_key_config *instead*\n", + "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type. \n*Deprecated: use* allowed_user_key_config *instead*\n", "deprecationMessage": "Set in allowed_user_key_config" }, "allowedUsers": { @@ -29427,7 +29427,7 @@ }, "environment": { "type": "string", - "description": "The Azure environment to use during credential validation.\nDefaults to the environment configured in the Vault backend.\nSome possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\n*See the caveats section for more information on this field.*\n" + "description": "The Azure environment to use during credential validation.\nDefaults to the environment configured in the Vault backend.\nSome possible values: `AzurePublicCloud`, `AzureGovernmentCloud` \n*See the caveats section for more information on this field.*\n" }, "maxCredValidationSeconds": { "type": "integer", @@ -29444,7 +29444,7 @@ }, "numSequentialSuccesses": { "type": "integer", - "description": "If 'validate_creds' is true, \nthe number of sequential successes required to validate generated\ncredentials. Defaults to 8.\n" + "description": "If 'validate_creds' is true, \nthe number of sequential successes required to validate generated \ncredentials. Defaults to 8.\n" }, "role": { "type": "string", @@ -29452,15 +29452,15 @@ }, "subscriptionId": { "type": "string", - "description": "The subscription ID to use during credential\nvalidation. Defaults to the subscription ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" + "description": "The subscription ID to use during credential\nvalidation. Defaults to the subscription ID configured in the Vault `backend`. \n*See the caveats section for more information on this field.*\n" }, "tenantId": { "type": "string", - "description": "The tenant ID to use during credential validation.\nDefaults to the tenant ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" + "description": "The tenant ID to use during credential validation.\nDefaults to the tenant ID configured in the Vault `backend`. \n*See the caveats section for more information on this field.*\n" }, "validateCreds": { "type": "boolean", - "description": "Whether generated credentials should be \nvalidated before being returned. Defaults to `false`, which returns\ncredentials without checking whether they have fully propagated throughout\nAzure Active Directory. Designating `true` activates testing.\n" + "description": "Whether generated credentials should be \nvalidated before being returned. Defaults to `false`, which returns \ncredentials without checking whether they have fully propagated throughout\nAzure Active Directory. Designating `true` activates testing.\n" } }, "type": "object", diff --git a/provider/go.mod b/provider/go.mod index 62a7778bf..4ebc51cc4 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -4,7 +4,7 @@ go 1.21.3 require ( github.com/hashicorp/terraform-provider-vault v0.0.0 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.65.0 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.65.1-0.20231117214246-27a2e69fd393 github.com/pulumi/pulumi/sdk/v3 v3.93.0 ) @@ -247,6 +247,7 @@ require ( github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect + github.com/yuin/goldmark v1.5.2 // indirect github.com/zclconf/go-cty v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect go.uber.org/atomic v1.10.0 // indirect diff --git a/provider/go.sum b/provider/go.sum index 19d391468..b33104172 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -2460,8 +2460,8 @@ github.com/pulumi/pulumi-java/pkg v0.9.8 h1:c8mYsalnRXA2Ibgvv6scefOn6mW1Vb0UT0mc github.com/pulumi/pulumi-java/pkg v0.9.8/go.mod h1:c6rSw/+q4O0IImgJ9axxoC6QesbPYWBaG5gimbHouUQ= github.com/pulumi/pulumi-terraform-bridge/testing v0.0.1 h1:SCg1gjfY9N4yn8U8peIUYATifjoDABkyR7H9lmefsfc= github.com/pulumi/pulumi-terraform-bridge/testing v0.0.1/go.mod h1:7OeUPH8rpt5ipyj9EFcnXpuzQ8SHL0dyqdfa8nOacdk= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.65.0 h1:uZGU4J23ABm6BYDSbzVJjVHzuilVHyKxetUI7k7SZBg= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.65.0/go.mod h1:xs+jm130x0f6wl99ACQIagAU4m/TP0+cTO+qARnDYAE= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.65.1-0.20231117214246-27a2e69fd393 h1:IrfEll9HsamlhmvJMJAdNFGV6Ytk67lb5cuDtNGRcQM= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.65.1-0.20231117214246-27a2e69fd393/go.mod h1:nD6WrXZnT15wXDnZWwci6BblExOaz3oRlCYYzCN34do= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4 h1:rIzMmtcVpPX8ynaz6/nW5AHNY63DiNfCohqmxWvMpM4= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4/go.mod h1:Kt8RIZWa/N8rW3+0g6NrqCBmF3o+HuIhFaZpssEkG6w= github.com/pulumi/pulumi-yaml v1.4.0 h1:vIm+F18aPXqHcgCZcD+PCEtA96Fbs96wHoW8RPVxJfk= @@ -2711,6 +2711,8 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/yuin/goldmark v1.5.2 h1:ALmeCk/px5FSm1MAcFBAsVKZjDuMVj8Tm7FFIlMJnqU= +github.com/yuin/goldmark v1.5.2/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= diff --git a/sdk/dotnet/Aws/AuthBackendClient.cs b/sdk/dotnet/Aws/AuthBackendClient.cs index 9d51b69f8..438be1dac 100644 --- a/sdk/dotnet/Aws/AuthBackendClient.cs +++ b/sdk/dotnet/Aws/AuthBackendClient.cs @@ -116,7 +116,7 @@ public partial class AuthBackendClient : global::Pulumi.CustomResource /// Available in Vault v1.15+. If set, /// overrides both `sts_endpoint` and `sts_region` to instead use the region /// specified in the client request headers for IAM-based authentication. - /// This can be useful when you have client requests coming from different + /// This can be useful when you have client requests coming from different /// regions and want flexibility in which regional STS API is used. /// [Output("useStsRegionFromClient")] @@ -263,7 +263,7 @@ public Input? SecretKey /// Available in Vault v1.15+. If set, /// overrides both `sts_endpoint` and `sts_region` to instead use the region /// specified in the client request headers for IAM-based authentication. - /// This can be useful when you have client requests coming from different + /// This can be useful when you have client requests coming from different /// regions and want flexibility in which regional STS API is used. /// [Input("useStsRegionFromClient")] @@ -367,7 +367,7 @@ public Input? SecretKey /// Available in Vault v1.15+. If set, /// overrides both `sts_endpoint` and `sts_region` to instead use the region /// specified in the client request headers for IAM-based authentication. - /// This can be useful when you have client requests coming from different + /// This can be useful when you have client requests coming from different /// regions and want flexibility in which regional STS API is used. /// [Input("useStsRegionFromClient")] diff --git a/sdk/dotnet/Aws/SecretBackendRole.cs b/sdk/dotnet/Aws/SecretBackendRole.cs index 523b79d86..f6a4ddc6b 100644 --- a/sdk/dotnet/Aws/SecretBackendRole.cs +++ b/sdk/dotnet/Aws/SecretBackendRole.cs @@ -119,8 +119,8 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource /// /// The ARN of the AWS Permissions - /// Boundary to attach to IAM users created in the role. Valid only when - /// `credential_type` is `iam_user`. If not specified, then no permissions boundary + /// Boundary to attach to IAM users created in the role. Valid only when + /// `credential_type` is `iam_user`. If not specified, then no permissions boundary /// policy will be attached. /// [Output("permissionsBoundaryArn")] @@ -277,8 +277,8 @@ public InputList IamGroups /// /// The ARN of the AWS Permissions - /// Boundary to attach to IAM users created in the role. Valid only when - /// `credential_type` is `iam_user`. If not specified, then no permissions boundary + /// Boundary to attach to IAM users created in the role. Valid only when + /// `credential_type` is `iam_user`. If not specified, then no permissions boundary /// policy will be attached. /// [Input("permissionsBoundaryArn")] @@ -409,8 +409,8 @@ public InputList IamGroups /// /// The ARN of the AWS Permissions - /// Boundary to attach to IAM users created in the role. Valid only when - /// `credential_type` is `iam_user`. If not specified, then no permissions boundary + /// Boundary to attach to IAM users created in the role. Valid only when + /// `credential_type` is `iam_user`. If not specified, then no permissions boundary /// policy will be attached. /// [Input("permissionsBoundaryArn")] diff --git a/sdk/dotnet/Azure/Backend.cs b/sdk/dotnet/Azure/Backend.cs index 151dc956d..94a391e39 100644 --- a/sdk/dotnet/Azure/Backend.cs +++ b/sdk/dotnet/Azure/Backend.cs @@ -60,13 +60,13 @@ namespace Pulumi.Vault.Azure public partial class Backend : global::Pulumi.CustomResource { /// - /// The OAuth2 client id to connect to Azure. + /// (`string:""`) - The OAuth2 client id to connect to Azure. /// [Output("clientId")] public Output ClientId { get; private set; } = null!; /// - /// The OAuth2 client secret to connect to Azure. + /// (`string:""`) - The OAuth2 client secret to connect to Azure. /// [Output("clientSecret")] public Output ClientSecret { get; private set; } = null!; @@ -85,7 +85,7 @@ public partial class Backend : global::Pulumi.CustomResource public Output DisableRemount { get; private set; } = null!; /// - /// The Azure environment. + /// (`string:""`) - The Azure environment. /// [Output("environment")] public Output Environment { get; private set; } = null!; @@ -100,26 +100,26 @@ public partial class Backend : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// The unique path this backend should be mounted at. Defaults to `azure`. + /// (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. /// [Output("path")] public Output Path { get; private set; } = null!; /// - /// The subscription id for the Azure Active Directory. + /// (`string: <required>`) - The subscription id for the Azure Active Directory. /// [Output("subscriptionId")] public Output SubscriptionId { get; private set; } = null!; /// - /// The tenant id for the Azure Active Directory. + /// (`string: <required>`) - The tenant id for the Azure Active Directory. /// [Output("tenantId")] public Output TenantId { get; private set; } = null!; /// - /// Indicates whether the secrets engine should use - /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + /// (`bool: <optional>`) - Indicates whether the secrets engine should use + /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. /// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) /// [Output("useMicrosoftGraphApi")] @@ -182,7 +182,7 @@ public sealed class BackendArgs : global::Pulumi.ResourceArgs private Input? _clientId; /// - /// The OAuth2 client id to connect to Azure. + /// (`string:""`) - The OAuth2 client id to connect to Azure. /// public Input? ClientId { @@ -198,7 +198,7 @@ public Input? ClientId private Input? _clientSecret; /// - /// The OAuth2 client secret to connect to Azure. + /// (`string:""`) - The OAuth2 client secret to connect to Azure. /// public Input? ClientSecret { @@ -224,7 +224,7 @@ public Input? ClientSecret public Input? DisableRemount { get; set; } /// - /// The Azure environment. + /// (`string:""`) - The Azure environment. /// [Input("environment")] public Input? Environment { get; set; } @@ -239,7 +239,7 @@ public Input? ClientSecret public Input? Namespace { get; set; } /// - /// The unique path this backend should be mounted at. Defaults to `azure`. + /// (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. /// [Input("path")] public Input? Path { get; set; } @@ -248,7 +248,7 @@ public Input? ClientSecret private Input? _subscriptionId; /// - /// The subscription id for the Azure Active Directory. + /// (`string: <required>`) - The subscription id for the Azure Active Directory. /// public Input? SubscriptionId { @@ -264,7 +264,7 @@ public Input? SubscriptionId private Input? _tenantId; /// - /// The tenant id for the Azure Active Directory. + /// (`string: <required>`) - The tenant id for the Azure Active Directory. /// public Input? TenantId { @@ -277,8 +277,8 @@ public Input? TenantId } /// - /// Indicates whether the secrets engine should use - /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + /// (`bool: <optional>`) - Indicates whether the secrets engine should use + /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. /// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) /// [Input("useMicrosoftGraphApi")] @@ -296,7 +296,7 @@ public sealed class BackendState : global::Pulumi.ResourceArgs private Input? _clientId; /// - /// The OAuth2 client id to connect to Azure. + /// (`string:""`) - The OAuth2 client id to connect to Azure. /// public Input? ClientId { @@ -312,7 +312,7 @@ public Input? ClientId private Input? _clientSecret; /// - /// The OAuth2 client secret to connect to Azure. + /// (`string:""`) - The OAuth2 client secret to connect to Azure. /// public Input? ClientSecret { @@ -338,7 +338,7 @@ public Input? ClientSecret public Input? DisableRemount { get; set; } /// - /// The Azure environment. + /// (`string:""`) - The Azure environment. /// [Input("environment")] public Input? Environment { get; set; } @@ -353,7 +353,7 @@ public Input? ClientSecret public Input? Namespace { get; set; } /// - /// The unique path this backend should be mounted at. Defaults to `azure`. + /// (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. /// [Input("path")] public Input? Path { get; set; } @@ -362,7 +362,7 @@ public Input? ClientSecret private Input? _subscriptionId; /// - /// The subscription id for the Azure Active Directory. + /// (`string: <required>`) - The subscription id for the Azure Active Directory. /// public Input? SubscriptionId { @@ -378,7 +378,7 @@ public Input? SubscriptionId private Input? _tenantId; /// - /// The tenant id for the Azure Active Directory. + /// (`string: <required>`) - The tenant id for the Azure Active Directory. /// public Input? TenantId { @@ -391,8 +391,8 @@ public Input? TenantId } /// - /// Indicates whether the secrets engine should use - /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + /// (`bool: <optional>`) - Indicates whether the secrets engine should use + /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. /// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) /// [Input("useMicrosoftGraphApi")] diff --git a/sdk/dotnet/Azure/GetAccessCredentials.cs b/sdk/dotnet/Azure/GetAccessCredentials.cs index f616efef8..c4ea0c426 100644 --- a/sdk/dotnet/Azure/GetAccessCredentials.cs +++ b/sdk/dotnet/Azure/GetAccessCredentials.cs @@ -95,7 +95,7 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs /// /// The Azure environment to use during credential validation. /// Defaults to the environment configured in the Vault backend. - /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` /// *See the caveats section for more information on this field.* /// [Input("environment")] @@ -128,7 +128,7 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs /// /// If 'validate_creds' is true, - /// the number of sequential successes required to validate generated + /// the number of sequential successes required to validate generated /// credentials. Defaults to 8. /// [Input("numSequentialSuccesses")] @@ -143,7 +143,7 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs /// /// The subscription ID to use during credential - /// validation. Defaults to the subscription ID configured in the Vault `backend`. + /// validation. Defaults to the subscription ID configured in the Vault `backend`. /// *See the caveats section for more information on this field.* /// [Input("subscriptionId")] @@ -151,7 +151,7 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs /// /// The tenant ID to use during credential validation. - /// Defaults to the tenant ID configured in the Vault `backend`. + /// Defaults to the tenant ID configured in the Vault `backend`. /// *See the caveats section for more information on this field.* /// [Input("tenantId")] @@ -159,7 +159,7 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs /// /// Whether generated credentials should be - /// validated before being returned. Defaults to `false`, which returns + /// validated before being returned. Defaults to `false`, which returns /// credentials without checking whether they have fully propagated throughout /// Azure Active Directory. Designating `true` activates testing. /// @@ -184,7 +184,7 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs /// /// The Azure environment to use during credential validation. /// Defaults to the environment configured in the Vault backend. - /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` /// *See the caveats section for more information on this field.* /// [Input("environment")] @@ -217,7 +217,7 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs /// /// If 'validate_creds' is true, - /// the number of sequential successes required to validate generated + /// the number of sequential successes required to validate generated /// credentials. Defaults to 8. /// [Input("numSequentialSuccesses")] @@ -232,7 +232,7 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs /// /// The subscription ID to use during credential - /// validation. Defaults to the subscription ID configured in the Vault `backend`. + /// validation. Defaults to the subscription ID configured in the Vault `backend`. /// *See the caveats section for more information on this field.* /// [Input("subscriptionId")] @@ -240,7 +240,7 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs /// /// The tenant ID to use during credential validation. - /// Defaults to the tenant ID configured in the Vault `backend`. + /// Defaults to the tenant ID configured in the Vault `backend`. /// *See the caveats section for more information on this field.* /// [Input("tenantId")] @@ -248,7 +248,7 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs /// /// Whether generated credentials should be - /// validated before being returned. Defaults to `false`, which returns + /// validated before being returned. Defaults to `false`, which returns /// credentials without checking whether they have fully propagated throughout /// Azure Active Directory. Designating `true` activates testing. /// diff --git a/sdk/dotnet/CertAuthBackendRole.cs b/sdk/dotnet/CertAuthBackendRole.cs index 84c05e858..f3be85ac5 100644 --- a/sdk/dotnet/CertAuthBackendRole.cs +++ b/sdk/dotnet/CertAuthBackendRole.cs @@ -159,7 +159,7 @@ public partial class CertAuthBackendRole : global::Pulumi.CustomResource public Output OcspQueryAllServers { get; private set; } = null!; /// - /// : A comma-separated list of OCSP + /// A comma-separated list of OCSP /// server addresses. If unset, the OCSP server is determined from the /// AuthorityInformationAccess extension on the certificate being inspected. /// Requires Vault version 1.13+. @@ -445,7 +445,7 @@ public InputList AllowedUriSans private InputList? _ocspServersOverrides; /// - /// : A comma-separated list of OCSP + /// A comma-separated list of OCSP /// server addresses. If unset, the OCSP server is determined from the /// AuthorityInformationAccess extension on the certificate being inspected. /// Requires Vault version 1.13+. @@ -714,7 +714,7 @@ public InputList AllowedUriSans private InputList? _ocspServersOverrides; /// - /// : A comma-separated list of OCSP + /// A comma-separated list of OCSP /// server addresses. If unset, the OCSP server is determined from the /// AuthorityInformationAccess extension on the certificate being inspected. /// Requires Vault version 1.13+. diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs index 635d89b10..091d1d2fc 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs @@ -34,7 +34,7 @@ public InputList AllowedRoles /// /// For Vault v1.9+. Set to true when the target is a - /// Contained Database, e.g. AzureSQL. + /// Contained Database, e.g. AzureSQL. /// See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) /// [Input("containedDb")] diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs index e69f225fe..f6df00586 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs @@ -34,7 +34,7 @@ public InputList AllowedRoles /// /// For Vault v1.9+. Set to true when the target is a - /// Contained Database, e.g. AzureSQL. + /// Contained Database, e.g. AzureSQL. /// See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) /// [Input("containedDb")] diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs b/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs index b7f1896cf..e1ca8e10d 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs @@ -25,7 +25,7 @@ public sealed class SecretsMountMssql public readonly string? ConnectionUrl; /// /// For Vault v1.9+. Set to true when the target is a - /// Contained Database, e.g. AzureSQL. + /// Contained Database, e.g. AzureSQL. /// See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) /// public readonly bool? ContainedDb; diff --git a/sdk/dotnet/Generic/Endpoint.cs b/sdk/dotnet/Generic/Endpoint.cs index 5af0a5b9c..a0ee581d2 100644 --- a/sdk/dotnet/Generic/Endpoint.cs +++ b/sdk/dotnet/Generic/Endpoint.cs @@ -110,7 +110,7 @@ public partial class Endpoint : global::Pulumi.CustomResource public Output DataJson { get; private set; } = null!; /// - /// - (Optional) True/false. Set this to true if your + /// True/false. Set this to true if your /// vault authentication is not able to delete the data or if the endpoint /// does not support the `DELETE` method. Defaults to false. /// @@ -128,7 +128,7 @@ public partial class Endpoint : global::Pulumi.CustomResource public Output DisableRead { get; private set; } = null!; /// - /// - (Optional) True/false. If set to true, + /// True/false. If set to true, /// ignore any fields present when the endpoint is read but that were not /// in `data_json`. Also, if a field that was written is not returned when /// the endpoint is read, treat that field as being up to date. You should @@ -175,7 +175,7 @@ public partial class Endpoint : global::Pulumi.CustomResource public Output WriteDataJson { get; private set; } = null!; /// - /// - (Optional). A list of fields that should be returned + /// . A list of fields that should be returned /// in `write_data_json` and `write_data`. If omitted, data returned by /// the write operation is not available to the resource or included in /// state. This helps to avoid accidental storage of sensitive values in @@ -254,7 +254,7 @@ public Input? DataJson } /// - /// - (Optional) True/false. Set this to true if your + /// True/false. Set this to true if your /// vault authentication is not able to delete the data or if the endpoint /// does not support the `DELETE` method. Defaults to false. /// @@ -272,7 +272,7 @@ public Input? DataJson public Input? DisableRead { get; set; } /// - /// - (Optional) True/false. If set to true, + /// True/false. If set to true, /// ignore any fields present when the endpoint is read but that were not /// in `data_json`. Also, if a field that was written is not returned when /// the endpoint is read, treat that field as being up to date. You should @@ -305,7 +305,7 @@ public Input? DataJson private InputList? _writeFields; /// - /// - (Optional). A list of fields that should be returned + /// . A list of fields that should be returned /// in `write_data_json` and `write_data`. If omitted, data returned by /// the write operation is not available to the resource or included in /// state. This helps to avoid accidental storage of sensitive values in @@ -345,7 +345,7 @@ public Input? DataJson } /// - /// - (Optional) True/false. Set this to true if your + /// True/false. Set this to true if your /// vault authentication is not able to delete the data or if the endpoint /// does not support the `DELETE` method. Defaults to false. /// @@ -363,7 +363,7 @@ public Input? DataJson public Input? DisableRead { get; set; } /// - /// - (Optional) True/false. If set to true, + /// True/false. If set to true, /// ignore any fields present when the endpoint is read but that were not /// in `data_json`. Also, if a field that was written is not returned when /// the endpoint is read, treat that field as being up to date. You should @@ -419,7 +419,7 @@ public InputMap WriteData private InputList? _writeFields; /// - /// - (Optional). A list of fields that should be returned + /// . A list of fields that should be returned /// in `write_data_json` and `write_data`. If omitted, data returned by /// the write operation is not available to the resource or included in /// state. This helps to avoid accidental storage of sensitive values in diff --git a/sdk/dotnet/Identity/GroupMemberGroupIds.cs b/sdk/dotnet/Identity/GroupMemberGroupIds.cs index 96195efd1..dea6e94a3 100644 --- a/sdk/dotnet/Identity/GroupMemberGroupIds.cs +++ b/sdk/dotnet/Identity/GroupMemberGroupIds.cs @@ -105,7 +105,7 @@ public partial class GroupMemberGroupIds : global::Pulumi.CustomResource /// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set /// it equal to what is specified in the resource. /// - /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present /// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource /// are removed. /// @@ -185,7 +185,7 @@ public sealed class GroupMemberGroupIdsArgs : global::Pulumi.ResourceArgs /// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set /// it equal to what is specified in the resource. /// - /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present /// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource /// are removed. /// @@ -233,7 +233,7 @@ public sealed class GroupMemberGroupIdsState : global::Pulumi.ResourceArgs /// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set /// it equal to what is specified in the resource. /// - /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present /// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource /// are removed. /// diff --git a/sdk/dotnet/Jwt/AuthBackend.cs b/sdk/dotnet/Jwt/AuthBackend.cs index 0ae83746d..a72a3b363 100644 --- a/sdk/dotnet/Jwt/AuthBackend.cs +++ b/sdk/dotnet/Jwt/AuthBackend.cs @@ -181,6 +181,7 @@ public partial class AuthBackend : global::Pulumi.CustomResource /// /// Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs /// + /// /// * tune - (Optional) Extra configuration block. Structure is documented below. /// /// The `tune` block is used to tune the auth backend: @@ -374,6 +375,7 @@ public InputList JwtValidationPubkeys /// /// Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs /// + /// /// * tune - (Optional) Extra configuration block. Structure is documented below. /// /// The `tune` block is used to tune the auth backend: @@ -553,6 +555,7 @@ public InputList JwtValidationPubkeys /// /// Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs /// + /// /// * tune - (Optional) Extra configuration block. Structure is documented below. /// /// The `tune` block is used to tune the auth backend: diff --git a/sdk/dotnet/Jwt/AuthBackendRole.cs b/sdk/dotnet/Jwt/AuthBackendRole.cs index 468c9da73..5086017a0 100644 --- a/sdk/dotnet/Jwt/AuthBackendRole.cs +++ b/sdk/dotnet/Jwt/AuthBackendRole.cs @@ -311,7 +311,7 @@ public partial class AuthBackendRole : global::Pulumi.CustomResource /// /// Specifies if the `user_claim` value uses - /// [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + /// [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) /// syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. /// Requires Vault 1.11+. /// @@ -621,7 +621,7 @@ public InputList TokenPolicies /// /// Specifies if the `user_claim` value uses - /// [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + /// [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) /// syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. /// Requires Vault 1.11+. /// @@ -893,7 +893,7 @@ public InputList TokenPolicies /// /// Specifies if the `user_claim` value uses - /// [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + /// [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) /// syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. /// Requires Vault 1.11+. /// diff --git a/sdk/dotnet/Kubernetes/SecretBackend.cs b/sdk/dotnet/Kubernetes/SecretBackend.cs index b50d39cbc..afb4e5c59 100644 --- a/sdk/dotnet/Kubernetes/SecretBackend.cs +++ b/sdk/dotnet/Kubernetes/SecretBackend.cs @@ -98,7 +98,7 @@ public partial class SecretBackend : global::Pulumi.CustomResource /// /// A PEM-encoded CA certificate used by the - /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local + /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local /// pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where /// Vault is running. /// @@ -107,7 +107,7 @@ public partial class SecretBackend : global::Pulumi.CustomResource /// /// The Kubernetes API URL to connect to. Required if the - /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` /// are not set on the host that Vault is running on. /// [Output("kubernetesHost")] @@ -154,7 +154,7 @@ public partial class SecretBackend : global::Pulumi.CustomResource /// /// The JSON web token of the service account used by the - /// secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + /// secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault /// is running in Kubernetes. /// [Output("serviceAccountJwt")] @@ -273,7 +273,7 @@ public InputList AuditNonHmacResponseKeys /// /// A PEM-encoded CA certificate used by the - /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local + /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local /// pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where /// Vault is running. /// @@ -282,7 +282,7 @@ public InputList AuditNonHmacResponseKeys /// /// The Kubernetes API URL to connect to. Required if the - /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` /// are not set on the host that Vault is running on. /// [Input("kubernetesHost")] @@ -338,7 +338,7 @@ public InputMap Options /// /// The JSON web token of the service account used by the - /// secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + /// secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault /// is running in Kubernetes. /// public Input? ServiceAccountJwt @@ -428,7 +428,7 @@ public InputList AuditNonHmacResponseKeys /// /// A PEM-encoded CA certificate used by the - /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local + /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local /// pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where /// Vault is running. /// @@ -437,7 +437,7 @@ public InputList AuditNonHmacResponseKeys /// /// The Kubernetes API URL to connect to. Required if the - /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` /// are not set on the host that Vault is running on. /// [Input("kubernetesHost")] @@ -493,7 +493,7 @@ public InputMap Options /// /// The JSON web token of the service account used by the - /// secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + /// secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault /// is running in Kubernetes. /// public Input? ServiceAccountJwt diff --git a/sdk/dotnet/Kubernetes/SecretBackendRole.cs b/sdk/dotnet/Kubernetes/SecretBackendRole.cs index 203fdb6e3..7cd42d875 100644 --- a/sdk/dotnet/Kubernetes/SecretBackendRole.cs +++ b/sdk/dotnet/Kubernetes/SecretBackendRole.cs @@ -198,8 +198,8 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource /// /// The Role or ClusterRole rules to use when generating - /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated /// when credentials are requested. /// [Output("generatedRoleRules")] @@ -207,8 +207,8 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource /// /// The pre-existing Role or ClusterRole to bind a - /// generated service account to. Mutually exclusive with `service_account_name` and - /// `generated_role_rules`. If set, Kubernetes token, service account, and role + /// generated service account to. Mutually exclusive with `service_account_name` and + /// `generated_role_rules`. If set, Kubernetes token, service account, and role /// binding objects will be created when credentials are requested. /// [Output("kubernetesRoleName")] @@ -359,8 +359,8 @@ public InputMap ExtraLabels /// /// The Role or ClusterRole rules to use when generating - /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated /// when credentials are requested. /// [Input("generatedRoleRules")] @@ -368,8 +368,8 @@ public InputMap ExtraLabels /// /// The pre-existing Role or ClusterRole to bind a - /// generated service account to. Mutually exclusive with `service_account_name` and - /// `generated_role_rules`. If set, Kubernetes token, service account, and role + /// generated service account to. Mutually exclusive with `service_account_name` and + /// `generated_role_rules`. If set, Kubernetes token, service account, and role /// binding objects will be created when credentials are requested. /// [Input("kubernetesRoleName")] @@ -482,8 +482,8 @@ public InputMap ExtraLabels /// /// The Role or ClusterRole rules to use when generating - /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated /// when credentials are requested. /// [Input("generatedRoleRules")] @@ -491,8 +491,8 @@ public InputMap ExtraLabels /// /// The pre-existing Role or ClusterRole to bind a - /// generated service account to. Mutually exclusive with `service_account_name` and - /// `generated_role_rules`. If set, Kubernetes token, service account, and role + /// generated service account to. Mutually exclusive with `service_account_name` and + /// `generated_role_rules`. If set, Kubernetes token, service account, and role /// binding objects will be created when credentials are requested. /// [Input("kubernetesRoleName")] diff --git a/sdk/dotnet/MfaOkta.cs b/sdk/dotnet/MfaOkta.cs index 494d7a46a..95f27f3d8 100644 --- a/sdk/dotnet/MfaOkta.cs +++ b/sdk/dotnet/MfaOkta.cs @@ -102,7 +102,7 @@ public partial class MfaOkta : global::Pulumi.CustomResource /// /// `(string)` - A format string for mapping Identity names to MFA method names. - /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter /// - entity.name: The name configured for the Entity @@ -222,7 +222,7 @@ public Input? ApiToken /// /// `(string)` - A format string for mapping Identity names to MFA method names. - /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter /// - entity.name: The name configured for the Entity @@ -300,7 +300,7 @@ public Input? ApiToken /// /// `(string)` - A format string for mapping Identity names to MFA method names. - /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter /// - entity.name: The name configured for the Entity diff --git a/sdk/dotnet/MfaPingid.cs b/sdk/dotnet/MfaPingid.cs index c3f065a51..79bd26c87 100644 --- a/sdk/dotnet/MfaPingid.cs +++ b/sdk/dotnet/MfaPingid.cs @@ -126,7 +126,7 @@ public partial class MfaPingid : global::Pulumi.CustomResource /// /// `(string)` - A format string for mapping Identity names to MFA method names. - /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter /// - entity.name: The name configured for the Entity @@ -213,7 +213,7 @@ public sealed class MfaPingidArgs : global::Pulumi.ResourceArgs /// /// `(string)` - A format string for mapping Identity names to MFA method names. - /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter /// - entity.name: The name configured for the Entity @@ -304,7 +304,7 @@ public sealed class MfaPingidState : global::Pulumi.ResourceArgs /// /// `(string)` - A format string for mapping Identity names to MFA method names. - /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter /// - entity.name: The name configured for the Entity diff --git a/sdk/dotnet/PkiSecret/SecretBackendKey.cs b/sdk/dotnet/PkiSecret/SecretBackendKey.cs index 0bd642709..f483dae53 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendKey.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendKey.cs @@ -32,7 +32,7 @@ public partial class SecretBackendKey : global::Pulumi.CustomResource /// /// Specifies the number of bits to use for the generated keys. /// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), /// 384, or 521; ignored with `key_type=ed25519`. /// [Output("keyBits")] @@ -139,7 +139,7 @@ public sealed class SecretBackendKeyArgs : global::Pulumi.ResourceArgs /// /// Specifies the number of bits to use for the generated keys. /// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), /// 384, or 521; ignored with `key_type=ed25519`. /// [Input("keyBits")] @@ -202,7 +202,7 @@ public sealed class SecretBackendKeyState : global::Pulumi.ResourceArgs /// /// Specifies the number of bits to use for the generated keys. /// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), /// 384, or 521; ignored with `key_type=ed25519`. /// [Input("keyBits")] diff --git a/sdk/dotnet/Saml/AuthBackend.cs b/sdk/dotnet/Saml/AuthBackend.cs index 89e90dcd4..2743f82ef 100644 --- a/sdk/dotnet/Saml/AuthBackend.cs +++ b/sdk/dotnet/Saml/AuthBackend.cs @@ -121,7 +121,7 @@ public partial class AuthBackend : global::Pulumi.CustomResource /// /// If set to `true`, logs additional, potentially sensitive - /// information during the SAML exchange according to the current logging level. Not + /// information during the SAML exchange according to the current logging level. Not /// recommended for production. /// [Output("verboseLogging")] @@ -250,7 +250,7 @@ public InputList AcsUrls /// /// If set to `true`, logs additional, potentially sensitive - /// information during the SAML exchange according to the current logging level. Not + /// information during the SAML exchange according to the current logging level. Not /// recommended for production. /// [Input("verboseLogging")] @@ -341,7 +341,7 @@ public InputList AcsUrls /// /// If set to `true`, logs additional, potentially sensitive - /// information during the SAML exchange according to the current logging level. Not + /// information during the SAML exchange according to the current logging level. Not /// recommended for production. /// [Input("verboseLogging")] diff --git a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs index fade21b16..85f2fa37f 100644 --- a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs +++ b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs @@ -41,7 +41,7 @@ public InputList Lengths /// /// The SSH public key type. - /// *Supported key types are:* + /// *Supported key types are:* /// `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, /// `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` /// diff --git a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs index d50400946..5b5617726 100644 --- a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs +++ b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs @@ -41,7 +41,7 @@ public InputList Lengths /// /// The SSH public key type. - /// *Supported key types are:* + /// *Supported key types are:* /// `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, /// `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` /// diff --git a/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs b/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs index f7949f476..f969d73a1 100644 --- a/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs +++ b/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs @@ -34,7 +34,7 @@ public sealed class SecretBackendRoleAllowedUserKeyConfig public readonly ImmutableArray Lengths; /// /// The SSH public key type. - /// *Supported key types are:* + /// *Supported key types are:* /// `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, /// `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` /// diff --git a/sdk/dotnet/Ssh/SecretBackendRole.cs b/sdk/dotnet/Ssh/SecretBackendRole.cs index 2a354ac50..3663ec753 100644 --- a/sdk/dotnet/Ssh/SecretBackendRole.cs +++ b/sdk/dotnet/Ssh/SecretBackendRole.cs @@ -121,7 +121,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource /// /// Set of configuration blocks to define allowed - /// user key configuration, like key type and their lengths. Can be specified multiple times. + /// user key configuration, like key type and their lengths. Can be specified multiple times. /// *See Configuration-Options for more info* /// [Output("allowedUserKeyConfigs")] @@ -129,7 +129,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource /// /// Specifies a map of ssh key types and their expected sizes which - /// are allowed to be signed by the CA type. + /// are allowed to be signed by the CA type. /// *Deprecated: use* allowed_user_key_config *instead* /// [Output("allowedUserKeyLengths")] @@ -341,7 +341,7 @@ public sealed class SecretBackendRoleArgs : global::Pulumi.ResourceArgs /// /// Set of configuration blocks to define allowed - /// user key configuration, like key type and their lengths. Can be specified multiple times. + /// user key configuration, like key type and their lengths. Can be specified multiple times. /// *See Configuration-Options for more info* /// public InputList AllowedUserKeyConfigs @@ -355,7 +355,7 @@ public InputList AllowedUserKe /// /// Specifies a map of ssh key types and their expected sizes which - /// are allowed to be signed by the CA type. + /// are allowed to be signed by the CA type. /// *Deprecated: use* allowed_user_key_config *instead* /// [Obsolete(@"Set in allowed_user_key_config")] @@ -545,7 +545,7 @@ public sealed class SecretBackendRoleState : global::Pulumi.ResourceArgs /// /// Set of configuration blocks to define allowed - /// user key configuration, like key type and their lengths. Can be specified multiple times. + /// user key configuration, like key type and their lengths. Can be specified multiple times. /// *See Configuration-Options for more info* /// public InputList AllowedUserKeyConfigs @@ -559,7 +559,7 @@ public InputList AllowedUse /// /// Specifies a map of ssh key types and their expected sizes which - /// are allowed to be signed by the CA type. + /// are allowed to be signed by the CA type. /// *Deprecated: use* allowed_user_key_config *instead* /// [Obsolete(@"Set in allowed_user_key_config")] diff --git a/sdk/go/vault/azure/backend.go b/sdk/go/vault/azure/backend.go index 807b156db..d0b5d502c 100644 --- a/sdk/go/vault/azure/backend.go +++ b/sdk/go/vault/azure/backend.go @@ -76,29 +76,29 @@ import ( type Backend struct { pulumi.CustomResourceState - // The OAuth2 client id to connect to Azure. + // (`string:""`) - The OAuth2 client id to connect to Azure. ClientId pulumi.StringPtrOutput `pulumi:"clientId"` - // The OAuth2 client secret to connect to Azure. + // (`string:""`) - The OAuth2 client secret to connect to Azure. ClientSecret pulumi.StringPtrOutput `pulumi:"clientSecret"` // Human-friendly description of the mount for the backend. Description pulumi.StringPtrOutput `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrOutput `pulumi:"disableRemount"` - // The Azure environment. + // (`string:""`) - The Azure environment. Environment pulumi.StringPtrOutput `pulumi:"environment"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` - // The unique path this backend should be mounted at. Defaults to `azure`. + // (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. Path pulumi.StringPtrOutput `pulumi:"path"` - // The subscription id for the Azure Active Directory. + // (`string: `) - The subscription id for the Azure Active Directory. SubscriptionId pulumi.StringOutput `pulumi:"subscriptionId"` - // The tenant id for the Azure Active Directory. + // (`string: `) - The tenant id for the Azure Active Directory. TenantId pulumi.StringOutput `pulumi:"tenantId"` - // Indicates whether the secrets engine should use + // (`bool: `) - Indicates whether the secrets engine should use // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi pulumi.BoolOutput `pulumi:"useMicrosoftGraphApi"` @@ -159,58 +159,58 @@ func GetBackend(ctx *pulumi.Context, // Input properties used for looking up and filtering Backend resources. type backendState struct { - // The OAuth2 client id to connect to Azure. + // (`string:""`) - The OAuth2 client id to connect to Azure. ClientId *string `pulumi:"clientId"` - // The OAuth2 client secret to connect to Azure. + // (`string:""`) - The OAuth2 client secret to connect to Azure. ClientSecret *string `pulumi:"clientSecret"` // Human-friendly description of the mount for the backend. Description *string `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount *bool `pulumi:"disableRemount"` - // The Azure environment. + // (`string:""`) - The Azure environment. Environment *string `pulumi:"environment"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // The unique path this backend should be mounted at. Defaults to `azure`. + // (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. Path *string `pulumi:"path"` - // The subscription id for the Azure Active Directory. + // (`string: `) - The subscription id for the Azure Active Directory. SubscriptionId *string `pulumi:"subscriptionId"` - // The tenant id for the Azure Active Directory. + // (`string: `) - The tenant id for the Azure Active Directory. TenantId *string `pulumi:"tenantId"` - // Indicates whether the secrets engine should use + // (`bool: `) - Indicates whether the secrets engine should use // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi *bool `pulumi:"useMicrosoftGraphApi"` } type BackendState struct { - // The OAuth2 client id to connect to Azure. + // (`string:""`) - The OAuth2 client id to connect to Azure. ClientId pulumi.StringPtrInput - // The OAuth2 client secret to connect to Azure. + // (`string:""`) - The OAuth2 client secret to connect to Azure. ClientSecret pulumi.StringPtrInput // Human-friendly description of the mount for the backend. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput - // The Azure environment. + // (`string:""`) - The Azure environment. Environment pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // The unique path this backend should be mounted at. Defaults to `azure`. + // (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. Path pulumi.StringPtrInput - // The subscription id for the Azure Active Directory. + // (`string: `) - The subscription id for the Azure Active Directory. SubscriptionId pulumi.StringPtrInput - // The tenant id for the Azure Active Directory. + // (`string: `) - The tenant id for the Azure Active Directory. TenantId pulumi.StringPtrInput - // Indicates whether the secrets engine should use + // (`bool: `) - Indicates whether the secrets engine should use // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi pulumi.BoolPtrInput @@ -221,29 +221,29 @@ func (BackendState) ElementType() reflect.Type { } type backendArgs struct { - // The OAuth2 client id to connect to Azure. + // (`string:""`) - The OAuth2 client id to connect to Azure. ClientId *string `pulumi:"clientId"` - // The OAuth2 client secret to connect to Azure. + // (`string:""`) - The OAuth2 client secret to connect to Azure. ClientSecret *string `pulumi:"clientSecret"` // Human-friendly description of the mount for the backend. Description *string `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount *bool `pulumi:"disableRemount"` - // The Azure environment. + // (`string:""`) - The Azure environment. Environment *string `pulumi:"environment"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // The unique path this backend should be mounted at. Defaults to `azure`. + // (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. Path *string `pulumi:"path"` - // The subscription id for the Azure Active Directory. + // (`string: `) - The subscription id for the Azure Active Directory. SubscriptionId string `pulumi:"subscriptionId"` - // The tenant id for the Azure Active Directory. + // (`string: `) - The tenant id for the Azure Active Directory. TenantId string `pulumi:"tenantId"` - // Indicates whether the secrets engine should use + // (`bool: `) - Indicates whether the secrets engine should use // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi *bool `pulumi:"useMicrosoftGraphApi"` @@ -251,29 +251,29 @@ type backendArgs struct { // The set of arguments for constructing a Backend resource. type BackendArgs struct { - // The OAuth2 client id to connect to Azure. + // (`string:""`) - The OAuth2 client id to connect to Azure. ClientId pulumi.StringPtrInput - // The OAuth2 client secret to connect to Azure. + // (`string:""`) - The OAuth2 client secret to connect to Azure. ClientSecret pulumi.StringPtrInput // Human-friendly description of the mount for the backend. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput - // The Azure environment. + // (`string:""`) - The Azure environment. Environment pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // The unique path this backend should be mounted at. Defaults to `azure`. + // (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. Path pulumi.StringPtrInput - // The subscription id for the Azure Active Directory. + // (`string: `) - The subscription id for the Azure Active Directory. SubscriptionId pulumi.StringInput - // The tenant id for the Azure Active Directory. + // (`string: `) - The tenant id for the Azure Active Directory. TenantId pulumi.StringInput - // Indicates whether the secrets engine should use + // (`bool: `) - Indicates whether the secrets engine should use // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi pulumi.BoolPtrInput @@ -366,12 +366,12 @@ func (o BackendOutput) ToBackendOutputWithContext(ctx context.Context) BackendOu return o } -// The OAuth2 client id to connect to Azure. +// (`string:""`) - The OAuth2 client id to connect to Azure. func (o BackendOutput) ClientId() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.ClientId }).(pulumi.StringPtrOutput) } -// The OAuth2 client secret to connect to Azure. +// (`string:""`) - The OAuth2 client secret to connect to Azure. func (o BackendOutput) ClientSecret() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.ClientSecret }).(pulumi.StringPtrOutput) } @@ -387,7 +387,7 @@ func (o BackendOutput) DisableRemount() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Backend) pulumi.BoolPtrOutput { return v.DisableRemount }).(pulumi.BoolPtrOutput) } -// The Azure environment. +// (`string:""`) - The Azure environment. func (o BackendOutput) Environment() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.Environment }).(pulumi.StringPtrOutput) } @@ -400,22 +400,22 @@ func (o BackendOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) } -// The unique path this backend should be mounted at. Defaults to `azure`. +// (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. func (o BackendOutput) Path() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.Path }).(pulumi.StringPtrOutput) } -// The subscription id for the Azure Active Directory. +// (`string: `) - The subscription id for the Azure Active Directory. func (o BackendOutput) SubscriptionId() pulumi.StringOutput { return o.ApplyT(func(v *Backend) pulumi.StringOutput { return v.SubscriptionId }).(pulumi.StringOutput) } -// The tenant id for the Azure Active Directory. +// (`string: `) - The tenant id for the Azure Active Directory. func (o BackendOutput) TenantId() pulumi.StringOutput { return o.ApplyT(func(v *Backend) pulumi.StringOutput { return v.TenantId }).(pulumi.StringOutput) } -// Indicates whether the secrets engine should use +// (`bool: `) - Indicates whether the secrets engine should use // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) func (o BackendOutput) UseMicrosoftGraphApi() pulumi.BoolOutput { diff --git a/sdk/go/vault/azure/getAccessCredentials.go b/sdk/go/vault/azure/getAccessCredentials.go index 999406f69..a4a58b6d5 100644 --- a/sdk/go/vault/azure/getAccessCredentials.go +++ b/sdk/go/vault/azure/getAccessCredentials.go @@ -62,7 +62,7 @@ type GetAccessCredentialsArgs struct { Backend string `pulumi:"backend"` // The Azure environment to use during credential validation. // Defaults to the environment configured in the Vault backend. - // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ // *See the caveats section for more information on this field.* Environment *string `pulumi:"environment"` // If 'validate_creds' is true, @@ -86,11 +86,11 @@ type GetAccessCredentialsArgs struct { // credentials from, with no leading or trailing `/`s. Role string `pulumi:"role"` // The subscription ID to use during credential - // validation. Defaults to the subscription ID configured in the Vault `backend`. + // validation. Defaults to the subscription ID configured in the Vault `backend`.\ // *See the caveats section for more information on this field.* SubscriptionId *string `pulumi:"subscriptionId"` // The tenant ID to use during credential validation. - // Defaults to the tenant ID configured in the Vault `backend`. + // Defaults to the tenant ID configured in the Vault `backend`.\ // *See the caveats section for more information on this field.* TenantId *string `pulumi:"tenantId"` // Whether generated credentials should be @@ -148,7 +148,7 @@ type GetAccessCredentialsOutputArgs struct { Backend pulumi.StringInput `pulumi:"backend"` // The Azure environment to use during credential validation. // Defaults to the environment configured in the Vault backend. - // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ // *See the caveats section for more information on this field.* Environment pulumi.StringPtrInput `pulumi:"environment"` // If 'validate_creds' is true, @@ -172,11 +172,11 @@ type GetAccessCredentialsOutputArgs struct { // credentials from, with no leading or trailing `/`s. Role pulumi.StringInput `pulumi:"role"` // The subscription ID to use during credential - // validation. Defaults to the subscription ID configured in the Vault `backend`. + // validation. Defaults to the subscription ID configured in the Vault `backend`.\ // *See the caveats section for more information on this field.* SubscriptionId pulumi.StringPtrInput `pulumi:"subscriptionId"` // The tenant ID to use during credential validation. - // Defaults to the tenant ID configured in the Vault `backend`. + // Defaults to the tenant ID configured in the Vault `backend`.\ // *See the caveats section for more information on this field.* TenantId pulumi.StringPtrInput `pulumi:"tenantId"` // Whether generated credentials should be diff --git a/sdk/go/vault/certAuthBackendRole.go b/sdk/go/vault/certAuthBackendRole.go index 48df7704d..54ccd3591 100644 --- a/sdk/go/vault/certAuthBackendRole.go +++ b/sdk/go/vault/certAuthBackendRole.go @@ -114,7 +114,7 @@ type CertAuthBackendRole struct { // the certificate valid only if all servers agree. // Requires Vault version 1.13+. OcspQueryAllServers pulumi.BoolOutput `pulumi:"ocspQueryAllServers"` - // : A comma-separated list of OCSP + // A comma-separated list of OCSP // server addresses. If unset, the OCSP server is determined from the // AuthorityInformationAccess extension on the certificate being inspected. // Requires Vault version 1.13+. @@ -239,7 +239,7 @@ type certAuthBackendRoleState struct { // the certificate valid only if all servers agree. // Requires Vault version 1.13+. OcspQueryAllServers *bool `pulumi:"ocspQueryAllServers"` - // : A comma-separated list of OCSP + // A comma-separated list of OCSP // server addresses. If unset, the OCSP server is determined from the // AuthorityInformationAccess extension on the certificate being inspected. // Requires Vault version 1.13+. @@ -332,7 +332,7 @@ type CertAuthBackendRoleState struct { // the certificate valid only if all servers agree. // Requires Vault version 1.13+. OcspQueryAllServers pulumi.BoolPtrInput - // : A comma-separated list of OCSP + // A comma-separated list of OCSP // server addresses. If unset, the OCSP server is determined from the // AuthorityInformationAccess extension on the certificate being inspected. // Requires Vault version 1.13+. @@ -429,7 +429,7 @@ type certAuthBackendRoleArgs struct { // the certificate valid only if all servers agree. // Requires Vault version 1.13+. OcspQueryAllServers *bool `pulumi:"ocspQueryAllServers"` - // : A comma-separated list of OCSP + // A comma-separated list of OCSP // server addresses. If unset, the OCSP server is determined from the // AuthorityInformationAccess extension on the certificate being inspected. // Requires Vault version 1.13+. @@ -523,7 +523,7 @@ type CertAuthBackendRoleArgs struct { // the certificate valid only if all servers agree. // Requires Vault version 1.13+. OcspQueryAllServers pulumi.BoolPtrInput - // : A comma-separated list of OCSP + // A comma-separated list of OCSP // server addresses. If unset, the OCSP server is determined from the // AuthorityInformationAccess extension on the certificate being inspected. // Requires Vault version 1.13+. @@ -750,7 +750,7 @@ func (o CertAuthBackendRoleOutput) OcspQueryAllServers() pulumi.BoolOutput { return o.ApplyT(func(v *CertAuthBackendRole) pulumi.BoolOutput { return v.OcspQueryAllServers }).(pulumi.BoolOutput) } -// : A comma-separated list of OCSP +// A comma-separated list of OCSP // server addresses. If unset, the OCSP server is determined from the // AuthorityInformationAccess extension on the certificate being inspected. // Requires Vault version 1.13+. diff --git a/sdk/go/vault/database/pulumiTypes.go b/sdk/go/vault/database/pulumiTypes.go index 7f256b9e0..3b723f7bc 100644 --- a/sdk/go/vault/database/pulumiTypes.go +++ b/sdk/go/vault/database/pulumiTypes.go @@ -6714,7 +6714,7 @@ type SecretsMountMssql struct { // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // For Vault v1.9+. Set to true when the target is a - // Contained Database, e.g. AzureSQL. + // Contained Database, e.g. AzureSQL.\ // See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) ContainedDb *bool `pulumi:"containedDb"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. @@ -6766,7 +6766,7 @@ type SecretsMountMssqlArgs struct { // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // For Vault v1.9+. Set to true when the target is a - // Contained Database, e.g. AzureSQL. + // Contained Database, e.g. AzureSQL.\ // See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) ContainedDb pulumi.BoolPtrInput `pulumi:"containedDb"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. @@ -6863,7 +6863,7 @@ func (o SecretsMountMssqlOutput) ConnectionUrl() pulumi.StringPtrOutput { } // For Vault v1.9+. Set to true when the target is a -// Contained Database, e.g. AzureSQL. +// Contained Database, e.g. AzureSQL.\ // See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) func (o SecretsMountMssqlOutput) ContainedDb() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *bool { return v.ContainedDb }).(pulumi.BoolPtrOutput) diff --git a/sdk/go/vault/generic/endpoint.go b/sdk/go/vault/generic/endpoint.go index 55d132a57..d8698b126 100644 --- a/sdk/go/vault/generic/endpoint.go +++ b/sdk/go/vault/generic/endpoint.go @@ -93,9 +93,9 @@ type Endpoint struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson pulumi.StringOutput `pulumi:"dataJson"` - // - (Optional) True/false. Set this to true if your - // vault authentication is not able to delete the data or if the endpoint - // does not support the `DELETE` method. Defaults to false. + // True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete pulumi.BoolPtrOutput `pulumi:"disableDelete"` // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -103,13 +103,13 @@ type Endpoint struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead pulumi.BoolPtrOutput `pulumi:"disableRead"` - // - (Optional) True/false. If set to true, - // ignore any fields present when the endpoint is read but that were not - // in `dataJson`. Also, if a field that was written is not returned when - // the endpoint is read, treat that field as being up to date. You should - // set this to `true` when writing to endpoint that, when read, returns a - // different set of fields from the ones you wrote, as is common with - // many configuration endpoints. Defaults to false. + // True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields pulumi.BoolPtrOutput `pulumi:"ignoreAbsentFields"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -130,13 +130,13 @@ type Endpoint struct { // - The JSON data returned by the write operation. // Only fields set in `writeFields` are present in the JSON data. WriteDataJson pulumi.StringOutput `pulumi:"writeDataJson"` - // - (Optional). A list of fields that should be returned - // in `writeDataJson` and `writeData`. If omitted, data returned by - // the write operation is not available to the resource or included in - // state. This helps to avoid accidental storage of sensitive values in - // state. Some endpoints, such as many dynamic secrets endpoints, return - // data from writing to an endpoint rather than reading it. You should - // use `writeFields` if you need information returned in this way. + // . A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields pulumi.StringArrayOutput `pulumi:"writeFields"` } @@ -186,9 +186,9 @@ type endpointState struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson *string `pulumi:"dataJson"` - // - (Optional) True/false. Set this to true if your - // vault authentication is not able to delete the data or if the endpoint - // does not support the `DELETE` method. Defaults to false. + // True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete *bool `pulumi:"disableDelete"` // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -196,13 +196,13 @@ type endpointState struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead *bool `pulumi:"disableRead"` - // - (Optional) True/false. If set to true, - // ignore any fields present when the endpoint is read but that were not - // in `dataJson`. Also, if a field that was written is not returned when - // the endpoint is read, treat that field as being up to date. You should - // set this to `true` when writing to endpoint that, when read, returns a - // different set of fields from the ones you wrote, as is common with - // many configuration endpoints. Defaults to false. + // True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields *bool `pulumi:"ignoreAbsentFields"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -223,13 +223,13 @@ type endpointState struct { // - The JSON data returned by the write operation. // Only fields set in `writeFields` are present in the JSON data. WriteDataJson *string `pulumi:"writeDataJson"` - // - (Optional). A list of fields that should be returned - // in `writeDataJson` and `writeData`. If omitted, data returned by - // the write operation is not available to the resource or included in - // state. This helps to avoid accidental storage of sensitive values in - // state. Some endpoints, such as many dynamic secrets endpoints, return - // data from writing to an endpoint rather than reading it. You should - // use `writeFields` if you need information returned in this way. + // . A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields []string `pulumi:"writeFields"` } @@ -237,9 +237,9 @@ type EndpointState struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson pulumi.StringPtrInput - // - (Optional) True/false. Set this to true if your - // vault authentication is not able to delete the data or if the endpoint - // does not support the `DELETE` method. Defaults to false. + // True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete pulumi.BoolPtrInput // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -247,13 +247,13 @@ type EndpointState struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead pulumi.BoolPtrInput - // - (Optional) True/false. If set to true, - // ignore any fields present when the endpoint is read but that were not - // in `dataJson`. Also, if a field that was written is not returned when - // the endpoint is read, treat that field as being up to date. You should - // set this to `true` when writing to endpoint that, when read, returns a - // different set of fields from the ones you wrote, as is common with - // many configuration endpoints. Defaults to false. + // True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -274,13 +274,13 @@ type EndpointState struct { // - The JSON data returned by the write operation. // Only fields set in `writeFields` are present in the JSON data. WriteDataJson pulumi.StringPtrInput - // - (Optional). A list of fields that should be returned - // in `writeDataJson` and `writeData`. If omitted, data returned by - // the write operation is not available to the resource or included in - // state. This helps to avoid accidental storage of sensitive values in - // state. Some endpoints, such as many dynamic secrets endpoints, return - // data from writing to an endpoint rather than reading it. You should - // use `writeFields` if you need information returned in this way. + // . A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields pulumi.StringArrayInput } @@ -292,9 +292,9 @@ type endpointArgs struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson string `pulumi:"dataJson"` - // - (Optional) True/false. Set this to true if your - // vault authentication is not able to delete the data or if the endpoint - // does not support the `DELETE` method. Defaults to false. + // True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete *bool `pulumi:"disableDelete"` // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -302,13 +302,13 @@ type endpointArgs struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead *bool `pulumi:"disableRead"` - // - (Optional) True/false. If set to true, - // ignore any fields present when the endpoint is read but that were not - // in `dataJson`. Also, if a field that was written is not returned when - // the endpoint is read, treat that field as being up to date. You should - // set this to `true` when writing to endpoint that, when read, returns a - // different set of fields from the ones you wrote, as is common with - // many configuration endpoints. Defaults to false. + // True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields *bool `pulumi:"ignoreAbsentFields"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -320,13 +320,13 @@ type endpointArgs struct { // support the `PUT` methods and to determine whether they also support // `DELETE` and `GET`. Path string `pulumi:"path"` - // - (Optional). A list of fields that should be returned - // in `writeDataJson` and `writeData`. If omitted, data returned by - // the write operation is not available to the resource or included in - // state. This helps to avoid accidental storage of sensitive values in - // state. Some endpoints, such as many dynamic secrets endpoints, return - // data from writing to an endpoint rather than reading it. You should - // use `writeFields` if you need information returned in this way. + // . A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields []string `pulumi:"writeFields"` } @@ -335,9 +335,9 @@ type EndpointArgs struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson pulumi.StringInput - // - (Optional) True/false. Set this to true if your - // vault authentication is not able to delete the data or if the endpoint - // does not support the `DELETE` method. Defaults to false. + // True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete pulumi.BoolPtrInput // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -345,13 +345,13 @@ type EndpointArgs struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead pulumi.BoolPtrInput - // - (Optional) True/false. If set to true, - // ignore any fields present when the endpoint is read but that were not - // in `dataJson`. Also, if a field that was written is not returned when - // the endpoint is read, treat that field as being up to date. You should - // set this to `true` when writing to endpoint that, when read, returns a - // different set of fields from the ones you wrote, as is common with - // many configuration endpoints. Defaults to false. + // True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -363,13 +363,13 @@ type EndpointArgs struct { // support the `PUT` methods and to determine whether they also support // `DELETE` and `GET`. Path pulumi.StringInput - // - (Optional). A list of fields that should be returned - // in `writeDataJson` and `writeData`. If omitted, data returned by - // the write operation is not available to the resource or included in - // state. This helps to avoid accidental storage of sensitive values in - // state. Some endpoints, such as many dynamic secrets endpoints, return - // data from writing to an endpoint rather than reading it. You should - // use `writeFields` if you need information returned in this way. + // . A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields pulumi.StringArrayInput } @@ -466,9 +466,9 @@ func (o EndpointOutput) DataJson() pulumi.StringOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringOutput { return v.DataJson }).(pulumi.StringOutput) } -// - (Optional) True/false. Set this to true if your -// vault authentication is not able to delete the data or if the endpoint -// does not support the `DELETE` method. Defaults to false. +// True/false. Set this to true if your +// vault authentication is not able to delete the data or if the endpoint +// does not support the `DELETE` method. Defaults to false. func (o EndpointOutput) DisableDelete() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Endpoint) pulumi.BoolPtrOutput { return v.DisableDelete }).(pulumi.BoolPtrOutput) } @@ -482,13 +482,13 @@ func (o EndpointOutput) DisableRead() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Endpoint) pulumi.BoolPtrOutput { return v.DisableRead }).(pulumi.BoolPtrOutput) } -// - (Optional) True/false. If set to true, -// ignore any fields present when the endpoint is read but that were not -// in `dataJson`. Also, if a field that was written is not returned when -// the endpoint is read, treat that field as being up to date. You should -// set this to `true` when writing to endpoint that, when read, returns a -// different set of fields from the ones you wrote, as is common with -// many configuration endpoints. Defaults to false. +// True/false. If set to true, +// ignore any fields present when the endpoint is read but that were not +// in `dataJson`. Also, if a field that was written is not returned when +// the endpoint is read, treat that field as being up to date. You should +// set this to `true` when writing to endpoint that, when read, returns a +// different set of fields from the ones you wrote, as is common with +// many configuration endpoints. Defaults to false. func (o EndpointOutput) IgnoreAbsentFields() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Endpoint) pulumi.BoolPtrOutput { return v.IgnoreAbsentFields }).(pulumi.BoolPtrOutput) } @@ -524,13 +524,13 @@ func (o EndpointOutput) WriteDataJson() pulumi.StringOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringOutput { return v.WriteDataJson }).(pulumi.StringOutput) } -// - (Optional). A list of fields that should be returned -// in `writeDataJson` and `writeData`. If omitted, data returned by -// the write operation is not available to the resource or included in -// state. This helps to avoid accidental storage of sensitive values in -// state. Some endpoints, such as many dynamic secrets endpoints, return -// data from writing to an endpoint rather than reading it. You should -// use `writeFields` if you need information returned in this way. +// . A list of fields that should be returned +// in `writeDataJson` and `writeData`. If omitted, data returned by +// the write operation is not available to the resource or included in +// state. This helps to avoid accidental storage of sensitive values in +// state. Some endpoints, such as many dynamic secrets endpoints, return +// data from writing to an endpoint rather than reading it. You should +// use `writeFields` if you need information returned in this way. func (o EndpointOutput) WriteFields() pulumi.StringArrayOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringArrayOutput { return v.WriteFields }).(pulumi.StringArrayOutput) } diff --git a/sdk/go/vault/ssh/pulumiTypes.go b/sdk/go/vault/ssh/pulumiTypes.go index 3dfe8caed..4539a26b6 100644 --- a/sdk/go/vault/ssh/pulumiTypes.go +++ b/sdk/go/vault/ssh/pulumiTypes.go @@ -36,7 +36,7 @@ type SecretBackendRoleAllowedUserKeyConfig struct { // ``` Lengths []int `pulumi:"lengths"` // The SSH public key type.\ - // *Supported key types are:* + // *Supported key types are:*\ // `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, // `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` Type string `pulumi:"type"` @@ -76,7 +76,7 @@ type SecretBackendRoleAllowedUserKeyConfigArgs struct { // ``` Lengths pulumi.IntArrayInput `pulumi:"lengths"` // The SSH public key type.\ - // *Supported key types are:* + // *Supported key types are:*\ // `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, // `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` Type pulumi.StringInput `pulumi:"type"` @@ -161,7 +161,7 @@ func (o SecretBackendRoleAllowedUserKeyConfigOutput) Lengths() pulumi.IntArrayOu } // The SSH public key type.\ -// *Supported key types are:* +// *Supported key types are:*\ // `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, // `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` func (o SecretBackendRoleAllowedUserKeyConfigOutput) Type() pulumi.StringOutput { diff --git a/sdk/go/vault/ssh/secretBackendRole.go b/sdk/go/vault/ssh/secretBackendRole.go index eda365e0c..8fed011e4 100644 --- a/sdk/go/vault/ssh/secretBackendRole.go +++ b/sdk/go/vault/ssh/secretBackendRole.go @@ -94,11 +94,11 @@ type SecretBackendRole struct { // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrOutput `pulumi:"allowedExtensions"` // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. + // user key configuration, like key type and their lengths. Can be specified multiple times.\ // *See Configuration-Options for more info* AllowedUserKeyConfigs SecretBackendRoleAllowedUserKeyConfigArrayOutput `pulumi:"allowedUserKeyConfigs"` // Specifies a map of ssh key types and their expected sizes which - // are allowed to be signed by the CA type. + // are allowed to be signed by the CA type.\ // *Deprecated: use* allowedUserKeyConfig *instead* // // Deprecated: Set in allowed_user_key_config @@ -197,11 +197,11 @@ type secretBackendRoleState struct { // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions *string `pulumi:"allowedExtensions"` // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. + // user key configuration, like key type and their lengths. Can be specified multiple times.\ // *See Configuration-Options for more info* AllowedUserKeyConfigs []SecretBackendRoleAllowedUserKeyConfig `pulumi:"allowedUserKeyConfigs"` // Specifies a map of ssh key types and their expected sizes which - // are allowed to be signed by the CA type. + // are allowed to be signed by the CA type.\ // *Deprecated: use* allowedUserKeyConfig *instead* // // Deprecated: Set in allowed_user_key_config @@ -265,11 +265,11 @@ type SecretBackendRoleState struct { // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrInput // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. + // user key configuration, like key type and their lengths. Can be specified multiple times.\ // *See Configuration-Options for more info* AllowedUserKeyConfigs SecretBackendRoleAllowedUserKeyConfigArrayInput // Specifies a map of ssh key types and their expected sizes which - // are allowed to be signed by the CA type. + // are allowed to be signed by the CA type.\ // *Deprecated: use* allowedUserKeyConfig *instead* // // Deprecated: Set in allowed_user_key_config @@ -337,11 +337,11 @@ type secretBackendRoleArgs struct { // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions *string `pulumi:"allowedExtensions"` // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. + // user key configuration, like key type and their lengths. Can be specified multiple times.\ // *See Configuration-Options for more info* AllowedUserKeyConfigs []SecretBackendRoleAllowedUserKeyConfig `pulumi:"allowedUserKeyConfigs"` // Specifies a map of ssh key types and their expected sizes which - // are allowed to be signed by the CA type. + // are allowed to be signed by the CA type.\ // *Deprecated: use* allowedUserKeyConfig *instead* // // Deprecated: Set in allowed_user_key_config @@ -406,11 +406,11 @@ type SecretBackendRoleArgs struct { // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrInput // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. + // user key configuration, like key type and their lengths. Can be specified multiple times.\ // *See Configuration-Options for more info* AllowedUserKeyConfigs SecretBackendRoleAllowedUserKeyConfigArrayInput // Specifies a map of ssh key types and their expected sizes which - // are allowed to be signed by the CA type. + // are allowed to be signed by the CA type.\ // *Deprecated: use* allowedUserKeyConfig *instead* // // Deprecated: Set in allowed_user_key_config @@ -590,7 +590,7 @@ func (o SecretBackendRoleOutput) AllowedExtensions() pulumi.StringPtrOutput { } // Set of configuration blocks to define allowed\ -// user key configuration, like key type and their lengths. Can be specified multiple times. +// user key configuration, like key type and their lengths. Can be specified multiple times.\ // *See Configuration-Options for more info* func (o SecretBackendRoleOutput) AllowedUserKeyConfigs() SecretBackendRoleAllowedUserKeyConfigArrayOutput { return o.ApplyT(func(v *SecretBackendRole) SecretBackendRoleAllowedUserKeyConfigArrayOutput { @@ -599,7 +599,7 @@ func (o SecretBackendRoleOutput) AllowedUserKeyConfigs() SecretBackendRoleAllowe } // Specifies a map of ssh key types and their expected sizes which -// are allowed to be signed by the CA type. +// are allowed to be signed by the CA type.\ // *Deprecated: use* allowedUserKeyConfig *instead* // // Deprecated: Set in allowed_user_key_config diff --git a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java index 1a6283862..7055a3f2c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java @@ -316,7 +316,7 @@ public Output ocspQueryAllServers() { return this.ocspQueryAllServers; } /** - * : A comma-separated list of OCSP + * A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -326,7 +326,7 @@ public Output ocspQueryAllServers() { private Output> ocspServersOverrides; /** - * @return : A comma-separated list of OCSP + * @return A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. diff --git a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java index add6813b1..7f1ead648 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java @@ -289,7 +289,7 @@ public Optional> ocspQueryAllServers() { } /** - * : A comma-separated list of OCSP + * A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -299,7 +299,7 @@ public Optional> ocspQueryAllServers() { private @Nullable Output> ocspServersOverrides; /** - * @return : A comma-separated list of OCSP + * @return A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -989,7 +989,7 @@ public Builder ocspQueryAllServers(Boolean ocspQueryAllServers) { } /** - * @param ocspServersOverrides : A comma-separated list of OCSP + * @param ocspServersOverrides A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -1003,7 +1003,7 @@ public Builder ocspServersOverrides(@Nullable Output> ocspServersOv } /** - * @param ocspServersOverrides : A comma-separated list of OCSP + * @param ocspServersOverrides A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -1016,7 +1016,7 @@ public Builder ocspServersOverrides(List ocspServersOverrides) { } /** - * @param ocspServersOverrides : A comma-separated list of OCSP + * @param ocspServersOverrides A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java b/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java index c25687389..258d7a7f0 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java @@ -91,28 +91,28 @@ @ResourceType(type="vault:azure/backend:Backend") public class Backend extends com.pulumi.resources.CustomResource { /** - * The OAuth2 client id to connect to Azure. + * (`string:""`) - The OAuth2 client id to connect to Azure. * */ @Export(name="clientId", refs={String.class}, tree="[0]") private Output clientId; /** - * @return The OAuth2 client id to connect to Azure. + * @return (`string:""`) - The OAuth2 client id to connect to Azure. * */ public Output> clientId() { return Codegen.optional(this.clientId); } /** - * The OAuth2 client secret to connect to Azure. + * (`string:""`) - The OAuth2 client secret to connect to Azure. * */ @Export(name="clientSecret", refs={String.class}, tree="[0]") private Output clientSecret; /** - * @return The OAuth2 client secret to connect to Azure. + * @return (`string:""`) - The OAuth2 client secret to connect to Azure. * */ public Output> clientSecret() { @@ -149,14 +149,14 @@ public Output> disableRemount() { return Codegen.optional(this.disableRemount); } /** - * The Azure environment. + * (`string:""`) - The Azure environment. * */ @Export(name="environment", refs={String.class}, tree="[0]") private Output environment; /** - * @return The Azure environment. + * @return (`string:""`) - The Azure environment. * */ public Output> environment() { @@ -183,49 +183,49 @@ public Output> namespace() { return Codegen.optional(this.namespace); } /** - * The unique path this backend should be mounted at. Defaults to `azure`. + * (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * */ @Export(name="path", refs={String.class}, tree="[0]") private Output path; /** - * @return The unique path this backend should be mounted at. Defaults to `azure`. + * @return (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * */ public Output> path() { return Codegen.optional(this.path); } /** - * The subscription id for the Azure Active Directory. + * (`string: <required>`) - The subscription id for the Azure Active Directory. * */ @Export(name="subscriptionId", refs={String.class}, tree="[0]") private Output subscriptionId; /** - * @return The subscription id for the Azure Active Directory. + * @return (`string: <required>`) - The subscription id for the Azure Active Directory. * */ public Output subscriptionId() { return this.subscriptionId; } /** - * The tenant id for the Azure Active Directory. + * (`string: <required>`) - The tenant id for the Azure Active Directory. * */ @Export(name="tenantId", refs={String.class}, tree="[0]") private Output tenantId; /** - * @return The tenant id for the Azure Active Directory. + * @return (`string: <required>`) - The tenant id for the Azure Active Directory. * */ public Output tenantId() { return this.tenantId; } /** - * Indicates whether the secrets engine should use + * (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -234,7 +234,7 @@ public Output tenantId() { private Output useMicrosoftGraphApi; /** - * @return Indicates whether the secrets engine should use + * @return (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java index 31e90dbbc..7c1752286 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java @@ -17,14 +17,14 @@ public final class BackendArgs extends com.pulumi.resources.ResourceArgs { public static final BackendArgs Empty = new BackendArgs(); /** - * The OAuth2 client id to connect to Azure. + * (`string:""`) - The OAuth2 client id to connect to Azure. * */ @Import(name="clientId") private @Nullable Output clientId; /** - * @return The OAuth2 client id to connect to Azure. + * @return (`string:""`) - The OAuth2 client id to connect to Azure. * */ public Optional> clientId() { @@ -32,14 +32,14 @@ public Optional> clientId() { } /** - * The OAuth2 client secret to connect to Azure. + * (`string:""`) - The OAuth2 client secret to connect to Azure. * */ @Import(name="clientSecret") private @Nullable Output clientSecret; /** - * @return The OAuth2 client secret to connect to Azure. + * @return (`string:""`) - The OAuth2 client secret to connect to Azure. * */ public Optional> clientSecret() { @@ -79,14 +79,14 @@ public Optional> disableRemount() { } /** - * The Azure environment. + * (`string:""`) - The Azure environment. * */ @Import(name="environment") private @Nullable Output environment; /** - * @return The Azure environment. + * @return (`string:""`) - The Azure environment. * */ public Optional> environment() { @@ -115,14 +115,14 @@ public Optional> namespace() { } /** - * The unique path this backend should be mounted at. Defaults to `azure`. + * (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * */ @Import(name="path") private @Nullable Output path; /** - * @return The unique path this backend should be mounted at. Defaults to `azure`. + * @return (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * */ public Optional> path() { @@ -130,14 +130,14 @@ public Optional> path() { } /** - * The subscription id for the Azure Active Directory. + * (`string: <required>`) - The subscription id for the Azure Active Directory. * */ @Import(name="subscriptionId", required=true) private Output subscriptionId; /** - * @return The subscription id for the Azure Active Directory. + * @return (`string: <required>`) - The subscription id for the Azure Active Directory. * */ public Output subscriptionId() { @@ -145,14 +145,14 @@ public Output subscriptionId() { } /** - * The tenant id for the Azure Active Directory. + * (`string: <required>`) - The tenant id for the Azure Active Directory. * */ @Import(name="tenantId", required=true) private Output tenantId; /** - * @return The tenant id for the Azure Active Directory. + * @return (`string: <required>`) - The tenant id for the Azure Active Directory. * */ public Output tenantId() { @@ -160,7 +160,7 @@ public Output tenantId() { } /** - * Indicates whether the secrets engine should use + * (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -169,7 +169,7 @@ public Output tenantId() { private @Nullable Output useMicrosoftGraphApi; /** - * @return Indicates whether the secrets engine should use + * @return (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -212,7 +212,7 @@ public Builder(BackendArgs defaults) { } /** - * @param clientId The OAuth2 client id to connect to Azure. + * @param clientId (`string:""`) - The OAuth2 client id to connect to Azure. * * @return builder * @@ -223,7 +223,7 @@ public Builder clientId(@Nullable Output clientId) { } /** - * @param clientId The OAuth2 client id to connect to Azure. + * @param clientId (`string:""`) - The OAuth2 client id to connect to Azure. * * @return builder * @@ -233,7 +233,7 @@ public Builder clientId(String clientId) { } /** - * @param clientSecret The OAuth2 client secret to connect to Azure. + * @param clientSecret (`string:""`) - The OAuth2 client secret to connect to Azure. * * @return builder * @@ -244,7 +244,7 @@ public Builder clientSecret(@Nullable Output clientSecret) { } /** - * @param clientSecret The OAuth2 client secret to connect to Azure. + * @param clientSecret (`string:""`) - The OAuth2 client secret to connect to Azure. * * @return builder * @@ -298,7 +298,7 @@ public Builder disableRemount(Boolean disableRemount) { } /** - * @param environment The Azure environment. + * @param environment (`string:""`) - The Azure environment. * * @return builder * @@ -309,7 +309,7 @@ public Builder environment(@Nullable Output environment) { } /** - * @param environment The Azure environment. + * @param environment (`string:""`) - The Azure environment. * * @return builder * @@ -346,7 +346,7 @@ public Builder namespace(String namespace) { } /** - * @param path The unique path this backend should be mounted at. Defaults to `azure`. + * @param path (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -357,7 +357,7 @@ public Builder path(@Nullable Output path) { } /** - * @param path The unique path this backend should be mounted at. Defaults to `azure`. + * @param path (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -367,7 +367,7 @@ public Builder path(String path) { } /** - * @param subscriptionId The subscription id for the Azure Active Directory. + * @param subscriptionId (`string: <required>`) - The subscription id for the Azure Active Directory. * * @return builder * @@ -378,7 +378,7 @@ public Builder subscriptionId(Output subscriptionId) { } /** - * @param subscriptionId The subscription id for the Azure Active Directory. + * @param subscriptionId (`string: <required>`) - The subscription id for the Azure Active Directory. * * @return builder * @@ -388,7 +388,7 @@ public Builder subscriptionId(String subscriptionId) { } /** - * @param tenantId The tenant id for the Azure Active Directory. + * @param tenantId (`string: <required>`) - The tenant id for the Azure Active Directory. * * @return builder * @@ -399,7 +399,7 @@ public Builder tenantId(Output tenantId) { } /** - * @param tenantId The tenant id for the Azure Active Directory. + * @param tenantId (`string: <required>`) - The tenant id for the Azure Active Directory. * * @return builder * @@ -409,7 +409,7 @@ public Builder tenantId(String tenantId) { } /** - * @param useMicrosoftGraphApi Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -422,7 +422,7 @@ public Builder useMicrosoftGraphApi(@Nullable Output useMicrosoftGraphA } /** - * @param useMicrosoftGraphApi Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java index 67e8ed8b8..aeb38f3d0 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java @@ -17,14 +17,14 @@ public final class BackendState extends com.pulumi.resources.ResourceArgs { public static final BackendState Empty = new BackendState(); /** - * The OAuth2 client id to connect to Azure. + * (`string:""`) - The OAuth2 client id to connect to Azure. * */ @Import(name="clientId") private @Nullable Output clientId; /** - * @return The OAuth2 client id to connect to Azure. + * @return (`string:""`) - The OAuth2 client id to connect to Azure. * */ public Optional> clientId() { @@ -32,14 +32,14 @@ public Optional> clientId() { } /** - * The OAuth2 client secret to connect to Azure. + * (`string:""`) - The OAuth2 client secret to connect to Azure. * */ @Import(name="clientSecret") private @Nullable Output clientSecret; /** - * @return The OAuth2 client secret to connect to Azure. + * @return (`string:""`) - The OAuth2 client secret to connect to Azure. * */ public Optional> clientSecret() { @@ -79,14 +79,14 @@ public Optional> disableRemount() { } /** - * The Azure environment. + * (`string:""`) - The Azure environment. * */ @Import(name="environment") private @Nullable Output environment; /** - * @return The Azure environment. + * @return (`string:""`) - The Azure environment. * */ public Optional> environment() { @@ -115,14 +115,14 @@ public Optional> namespace() { } /** - * The unique path this backend should be mounted at. Defaults to `azure`. + * (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * */ @Import(name="path") private @Nullable Output path; /** - * @return The unique path this backend should be mounted at. Defaults to `azure`. + * @return (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * */ public Optional> path() { @@ -130,14 +130,14 @@ public Optional> path() { } /** - * The subscription id for the Azure Active Directory. + * (`string: <required>`) - The subscription id for the Azure Active Directory. * */ @Import(name="subscriptionId") private @Nullable Output subscriptionId; /** - * @return The subscription id for the Azure Active Directory. + * @return (`string: <required>`) - The subscription id for the Azure Active Directory. * */ public Optional> subscriptionId() { @@ -145,14 +145,14 @@ public Optional> subscriptionId() { } /** - * The tenant id for the Azure Active Directory. + * (`string: <required>`) - The tenant id for the Azure Active Directory. * */ @Import(name="tenantId") private @Nullable Output tenantId; /** - * @return The tenant id for the Azure Active Directory. + * @return (`string: <required>`) - The tenant id for the Azure Active Directory. * */ public Optional> tenantId() { @@ -160,7 +160,7 @@ public Optional> tenantId() { } /** - * Indicates whether the secrets engine should use + * (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -169,7 +169,7 @@ public Optional> tenantId() { private @Nullable Output useMicrosoftGraphApi; /** - * @return Indicates whether the secrets engine should use + * @return (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -212,7 +212,7 @@ public Builder(BackendState defaults) { } /** - * @param clientId The OAuth2 client id to connect to Azure. + * @param clientId (`string:""`) - The OAuth2 client id to connect to Azure. * * @return builder * @@ -223,7 +223,7 @@ public Builder clientId(@Nullable Output clientId) { } /** - * @param clientId The OAuth2 client id to connect to Azure. + * @param clientId (`string:""`) - The OAuth2 client id to connect to Azure. * * @return builder * @@ -233,7 +233,7 @@ public Builder clientId(String clientId) { } /** - * @param clientSecret The OAuth2 client secret to connect to Azure. + * @param clientSecret (`string:""`) - The OAuth2 client secret to connect to Azure. * * @return builder * @@ -244,7 +244,7 @@ public Builder clientSecret(@Nullable Output clientSecret) { } /** - * @param clientSecret The OAuth2 client secret to connect to Azure. + * @param clientSecret (`string:""`) - The OAuth2 client secret to connect to Azure. * * @return builder * @@ -298,7 +298,7 @@ public Builder disableRemount(Boolean disableRemount) { } /** - * @param environment The Azure environment. + * @param environment (`string:""`) - The Azure environment. * * @return builder * @@ -309,7 +309,7 @@ public Builder environment(@Nullable Output environment) { } /** - * @param environment The Azure environment. + * @param environment (`string:""`) - The Azure environment. * * @return builder * @@ -346,7 +346,7 @@ public Builder namespace(String namespace) { } /** - * @param path The unique path this backend should be mounted at. Defaults to `azure`. + * @param path (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -357,7 +357,7 @@ public Builder path(@Nullable Output path) { } /** - * @param path The unique path this backend should be mounted at. Defaults to `azure`. + * @param path (`string: <optional>`) - The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -367,7 +367,7 @@ public Builder path(String path) { } /** - * @param subscriptionId The subscription id for the Azure Active Directory. + * @param subscriptionId (`string: <required>`) - The subscription id for the Azure Active Directory. * * @return builder * @@ -378,7 +378,7 @@ public Builder subscriptionId(@Nullable Output subscriptionId) { } /** - * @param subscriptionId The subscription id for the Azure Active Directory. + * @param subscriptionId (`string: <required>`) - The subscription id for the Azure Active Directory. * * @return builder * @@ -388,7 +388,7 @@ public Builder subscriptionId(String subscriptionId) { } /** - * @param tenantId The tenant id for the Azure Active Directory. + * @param tenantId (`string: <required>`) - The tenant id for the Azure Active Directory. * * @return builder * @@ -399,7 +399,7 @@ public Builder tenantId(@Nullable Output tenantId) { } /** - * @param tenantId The tenant id for the Azure Active Directory. + * @param tenantId (`string: <required>`) - The tenant id for the Azure Active Directory. * * @return builder * @@ -409,7 +409,7 @@ public Builder tenantId(String tenantId) { } /** - * @param useMicrosoftGraphApi Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -422,7 +422,7 @@ public Builder useMicrosoftGraphApi(@Nullable Output useMicrosoftGraphA } /** - * @param useMicrosoftGraphApi Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi (`bool: <optional>`) - Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java index 0e446c631..7076780dd 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java @@ -37,7 +37,7 @@ public Output backend() { /** * The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ * *See the caveats section for more information on this field.* * */ @@ -47,7 +47,7 @@ public Output backend() { /** * @return The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ * *See the caveats section for more information on this field.* * */ @@ -152,7 +152,7 @@ public Output role() { /** * The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -161,7 +161,7 @@ public Output role() { /** * @return The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -171,7 +171,7 @@ public Optional> subscriptionId() { /** * The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -180,7 +180,7 @@ public Optional> subscriptionId() { /** * @return The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -268,7 +268,7 @@ public Builder backend(String backend) { /** * @param environment The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ * *See the caveats section for more information on this field.* * * @return builder @@ -282,7 +282,7 @@ public Builder environment(@Nullable Output environment) { /** * @param environment The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ * *See the caveats section for more information on this field.* * * @return builder @@ -419,7 +419,7 @@ public Builder role(String role) { /** * @param subscriptionId The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * * @return builder @@ -432,7 +432,7 @@ public Builder subscriptionId(@Nullable Output subscriptionId) { /** * @param subscriptionId The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * * @return builder @@ -444,7 +444,7 @@ public Builder subscriptionId(String subscriptionId) { /** * @param tenantId The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * * @return builder @@ -457,7 +457,7 @@ public Builder tenantId(@Nullable Output tenantId) { /** * @param tenantId The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * * @return builder diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java index 5290e9575..e9cc523bf 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java @@ -36,7 +36,7 @@ public String backend() { /** * The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ * *See the caveats section for more information on this field.* * */ @@ -46,7 +46,7 @@ public String backend() { /** * @return The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ * *See the caveats section for more information on this field.* * */ @@ -151,7 +151,7 @@ public String role() { /** * The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -160,7 +160,7 @@ public String role() { /** * @return The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -170,7 +170,7 @@ public Optional subscriptionId() { /** * The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -179,7 +179,7 @@ public Optional subscriptionId() { /** * @return The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * */ @@ -256,7 +256,7 @@ public Builder backend(String backend) { /** * @param environment The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\ * *See the caveats section for more information on this field.* * * @return builder @@ -334,7 +334,7 @@ public Builder role(String role) { /** * @param subscriptionId The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * * @return builder @@ -347,7 +347,7 @@ public Builder subscriptionId(@Nullable String subscriptionId) { /** * @param tenantId The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`.\ * *See the caveats section for more information on this field.* * * @return builder diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java index f7e0b1df4..c90bcaf4b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java @@ -56,7 +56,7 @@ public Optional> connectionUrl() { /** * For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL.\ * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) * */ @@ -65,7 +65,7 @@ public Optional> connectionUrl() { /** * @return For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL.\ * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) * */ @@ -352,7 +352,7 @@ public Builder connectionUrl(String connectionUrl) { /** * @param containedDb For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL.\ * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) * * @return builder @@ -365,7 +365,7 @@ public Builder containedDb(@Nullable Output containedDb) { /** * @param containedDb For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL.\ * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) * * @return builder diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java index 7ee0864e2..3c1ef6baf 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java @@ -30,7 +30,7 @@ public final class SecretsMountMssql { private @Nullable String connectionUrl; /** * @return For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL.\ * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) * */ @@ -116,7 +116,7 @@ public Optional connectionUrl() { } /** * @return For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL.\ * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java b/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java index 627e4ef27..eecf3540e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java @@ -124,16 +124,16 @@ public Output dataJson() { return this.dataJson; } /** - * - (Optional) True/false. Set this to true if your - * vault authentication is not able to delete the data or if the endpoint - * does not support the `DELETE` method. Defaults to false. + * True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ @Export(name="disableDelete", refs={Boolean.class}, tree="[0]") private Output disableDelete; /** - * @return - (Optional) True/false. Set this to true if your + * @return True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. * @@ -164,20 +164,20 @@ public Output> disableRead() { return Codegen.optional(this.disableRead); } /** - * - (Optional) True/false. If set to true, - * ignore any fields present when the endpoint is read but that were not - * in `data_json`. Also, if a field that was written is not returned when - * the endpoint is read, treat that field as being up to date. You should - * set this to `true` when writing to endpoint that, when read, returns a - * different set of fields from the ones you wrote, as is common with - * many configuration endpoints. Defaults to false. + * True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ @Export(name="ignoreAbsentFields", refs={Boolean.class}, tree="[0]") private Output ignoreAbsentFields; /** - * @return - (Optional) True/false. If set to true, + * @return True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `data_json`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -268,20 +268,20 @@ public Output writeDataJson() { return this.writeDataJson; } /** - * - (Optional). A list of fields that should be returned - * in `write_data_json` and `write_data`. If omitted, data returned by - * the write operation is not available to the resource or included in - * state. This helps to avoid accidental storage of sensitive values in - * state. Some endpoints, such as many dynamic secrets endpoints, return - * data from writing to an endpoint rather than reading it. You should - * use `write_fields` if you need information returned in this way. + * . A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ @Export(name="writeFields", refs={List.class,String.class}, tree="[0,1]") private Output> writeFields; /** - * @return - (Optional). A list of fields that should be returned + * @return . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java b/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java index 749ba93d3..3b0b8acb1 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java @@ -35,16 +35,16 @@ public Output dataJson() { } /** - * - (Optional) True/false. Set this to true if your - * vault authentication is not able to delete the data or if the endpoint - * does not support the `DELETE` method. Defaults to false. + * True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ @Import(name="disableDelete") private @Nullable Output disableDelete; /** - * @return - (Optional) True/false. Set this to true if your + * @return True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. * @@ -77,20 +77,20 @@ public Optional> disableRead() { } /** - * - (Optional) True/false. If set to true, - * ignore any fields present when the endpoint is read but that were not - * in `data_json`. Also, if a field that was written is not returned when - * the endpoint is read, treat that field as being up to date. You should - * set this to `true` when writing to endpoint that, when read, returns a - * different set of fields from the ones you wrote, as is common with - * many configuration endpoints. Defaults to false. + * True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ @Import(name="ignoreAbsentFields") private @Nullable Output ignoreAbsentFields; /** - * @return - (Optional) True/false. If set to true, + * @return True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `data_json`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -146,20 +146,20 @@ public Output path() { } /** - * - (Optional). A list of fields that should be returned - * in `write_data_json` and `write_data`. If omitted, data returned by - * the write operation is not available to the resource or included in - * state. This helps to avoid accidental storage of sensitive values in - * state. Some endpoints, such as many dynamic secrets endpoints, return - * data from writing to an endpoint rather than reading it. You should - * use `write_fields` if you need information returned in this way. + * . A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ @Import(name="writeFields") private @Nullable Output> writeFields; /** - * @return - (Optional). A list of fields that should be returned + * @return . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -226,7 +226,7 @@ public Builder dataJson(String dataJson) { } /** - * @param disableDelete - (Optional) True/false. Set this to true if your + * @param disableDelete True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. * @@ -239,7 +239,7 @@ public Builder disableDelete(@Nullable Output disableDelete) { } /** - * @param disableDelete - (Optional) True/false. Set this to true if your + * @param disableDelete True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. * @@ -280,7 +280,7 @@ public Builder disableRead(Boolean disableRead) { } /** - * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * @param ignoreAbsentFields True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `data_json`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -297,7 +297,7 @@ public Builder ignoreAbsentFields(@Nullable Output ignoreAbsentFields) } /** - * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * @param ignoreAbsentFields True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `data_json`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -367,7 +367,7 @@ public Builder path(String path) { } /** - * @param writeFields - (Optional). A list of fields that should be returned + * @param writeFields . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -384,7 +384,7 @@ public Builder writeFields(@Nullable Output> writeFields) { } /** - * @param writeFields - (Optional). A list of fields that should be returned + * @param writeFields . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -400,7 +400,7 @@ public Builder writeFields(List writeFields) { } /** - * @param writeFields - (Optional). A list of fields that should be returned + * @param writeFields . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java index c92052eca..9c417aa8a 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java @@ -36,16 +36,16 @@ public Optional> dataJson() { } /** - * - (Optional) True/false. Set this to true if your - * vault authentication is not able to delete the data or if the endpoint - * does not support the `DELETE` method. Defaults to false. + * True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ @Import(name="disableDelete") private @Nullable Output disableDelete; /** - * @return - (Optional) True/false. Set this to true if your + * @return True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. * @@ -78,20 +78,20 @@ public Optional> disableRead() { } /** - * - (Optional) True/false. If set to true, - * ignore any fields present when the endpoint is read but that were not - * in `data_json`. Also, if a field that was written is not returned when - * the endpoint is read, treat that field as being up to date. You should - * set this to `true` when writing to endpoint that, when read, returns a - * different set of fields from the ones you wrote, as is common with - * many configuration endpoints. Defaults to false. + * True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ @Import(name="ignoreAbsentFields") private @Nullable Output ignoreAbsentFields; /** - * @return - (Optional) True/false. If set to true, + * @return True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `data_json`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -187,20 +187,20 @@ public Optional> writeDataJson() { } /** - * - (Optional). A list of fields that should be returned - * in `write_data_json` and `write_data`. If omitted, data returned by - * the write operation is not available to the resource or included in - * state. This helps to avoid accidental storage of sensitive values in - * state. Some endpoints, such as many dynamic secrets endpoints, return - * data from writing to an endpoint rather than reading it. You should - * use `write_fields` if you need information returned in this way. + * . A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ @Import(name="writeFields") private @Nullable Output> writeFields; /** - * @return - (Optional). A list of fields that should be returned + * @return . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -269,7 +269,7 @@ public Builder dataJson(String dataJson) { } /** - * @param disableDelete - (Optional) True/false. Set this to true if your + * @param disableDelete True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. * @@ -282,7 +282,7 @@ public Builder disableDelete(@Nullable Output disableDelete) { } /** - * @param disableDelete - (Optional) True/false. Set this to true if your + * @param disableDelete True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. * @@ -323,7 +323,7 @@ public Builder disableRead(Boolean disableRead) { } /** - * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * @param ignoreAbsentFields True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `data_json`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -340,7 +340,7 @@ public Builder ignoreAbsentFields(@Nullable Output ignoreAbsentFields) } /** - * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * @param ignoreAbsentFields True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `data_json`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -462,7 +462,7 @@ public Builder writeDataJson(String writeDataJson) { } /** - * @param writeFields - (Optional). A list of fields that should be returned + * @param writeFields . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -479,7 +479,7 @@ public Builder writeFields(@Nullable Output> writeFields) { } /** - * @param writeFields - (Optional). A list of fields that should be returned + * @param writeFields . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -495,7 +495,7 @@ public Builder writeFields(List writeFields) { } /** - * @param writeFields - (Optional). A list of fields that should be returned + * @param writeFields . A list of fields that should be returned * in `write_data_json` and `write_data`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java index 6f9774ba2..41c075c62 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java @@ -289,7 +289,7 @@ public Optional> ocspQueryAllServers() { } /** - * : A comma-separated list of OCSP + * A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -299,7 +299,7 @@ public Optional> ocspQueryAllServers() { private @Nullable Output> ocspServersOverrides; /** - * @return : A comma-separated list of OCSP + * @return A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -989,7 +989,7 @@ public Builder ocspQueryAllServers(Boolean ocspQueryAllServers) { } /** - * @param ocspServersOverrides : A comma-separated list of OCSP + * @param ocspServersOverrides A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -1003,7 +1003,7 @@ public Builder ocspServersOverrides(@Nullable Output> ocspServersOv } /** - * @param ocspServersOverrides : A comma-separated list of OCSP + * @param ocspServersOverrides A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -1016,7 +1016,7 @@ public Builder ocspServersOverrides(List ocspServersOverrides) { } /** - * @param ocspServersOverrides : A comma-separated list of OCSP + * @param ocspServersOverrides A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRolePolicyIdentifierArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRolePolicyIdentifierArgs.java index 93bc35c78..0356ba2a8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRolePolicyIdentifierArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRolePolicyIdentifierArgs.java @@ -19,6 +19,7 @@ public final class SecretBackendRolePolicyIdentifierArgs extends com.pulumi.reso * The URL of the CPS for the policy identifier * * Example usage: + * * ```java * package generated_program; * @@ -82,6 +83,7 @@ public final class SecretBackendRolePolicyIdentifierArgs extends com.pulumi.reso * @return The URL of the CPS for the policy identifier * * Example usage: + * * ```java * package generated_program; * @@ -202,6 +204,7 @@ public Builder(SecretBackendRolePolicyIdentifierArgs defaults) { * @param cps The URL of the CPS for the policy identifier * * Example usage: + * * ```java * package generated_program; * @@ -269,6 +272,7 @@ public Builder cps(@Nullable Output cps) { * @param cps The URL of the CPS for the policy identifier * * Example usage: + * * ```java * package generated_program; * diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/SecretBackendRolePolicyIdentifier.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/SecretBackendRolePolicyIdentifier.java index 07f4dfe7c..0f3f980a9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/SecretBackendRolePolicyIdentifier.java +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/SecretBackendRolePolicyIdentifier.java @@ -15,6 +15,7 @@ public final class SecretBackendRolePolicyIdentifier { * @return The URL of the CPS for the policy identifier * * Example usage: + * * ```java * package generated_program; * @@ -88,6 +89,7 @@ private SecretBackendRolePolicyIdentifier() {} * @return The URL of the CPS for the policy identifier * * Example usage: + * * ```java * package generated_program; * diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java index fc92f2ce6..9330077a1 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java @@ -225,7 +225,7 @@ public Output> allowedExtensions() { } /** * Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * */ @@ -234,7 +234,7 @@ public Output> allowedExtensions() { /** * @return Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * */ @@ -243,7 +243,7 @@ public Output>> allowedUser } /** * Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * * @deprecated @@ -256,7 +256,7 @@ public Output>> allowedUser /** * @return Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java index b4bd2dc2f..e01b388c8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java @@ -175,7 +175,7 @@ public Optional> allowedExtensions() { /** * Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * */ @@ -184,7 +184,7 @@ public Optional> allowedExtensions() { /** * @return Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * */ @@ -194,7 +194,7 @@ public Optional>> allowed /** * Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * * @deprecated @@ -207,7 +207,7 @@ public Optional>> allowed /** * @return Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * * @deprecated @@ -716,7 +716,7 @@ public Builder allowedExtensions(String allowedExtensions) { /** * @param allowedUserKeyConfigs Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * * @return builder @@ -729,7 +729,7 @@ public Builder allowedUserKeyConfigs(@Nullable Output> allow /** * @param allowedUserKeyLengths Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * * @return builder diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java index 254862ba6..30fc6f625 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java @@ -86,7 +86,7 @@ public Output> lengths() { /** * The SSH public key type.\ - * *Supported key types are:* + * *Supported key types are:*\ * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` * @@ -96,7 +96,7 @@ public Output> lengths() { /** * @return The SSH public key type.\ - * *Supported key types are:* + * *Supported key types are:*\ * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` * @@ -244,7 +244,7 @@ public Builder lengths(Integer... lengths) { /** * @param type The SSH public key type.\ - * *Supported key types are:* + * *Supported key types are:*\ * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` * @@ -258,7 +258,7 @@ public Builder type(Output type) { /** * @param type The SSH public key type.\ - * *Supported key types are:* + * *Supported key types are:*\ * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` * diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleState.java index b8af3e932..10d5b6e85 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleState.java @@ -175,7 +175,7 @@ public Optional> allowedExtensions() { /** * Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * */ @@ -184,7 +184,7 @@ public Optional> allowedExtensions() { /** * @return Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * */ @@ -194,7 +194,7 @@ public Optional>> allowed /** * Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * * @deprecated @@ -207,7 +207,7 @@ public Optional>> allowed /** * @return Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * * @deprecated @@ -716,7 +716,7 @@ public Builder allowedExtensions(String allowedExtensions) { /** * @param allowedUserKeyConfigs Set of configuration blocks to define allowed\ - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times.\ * *See Configuration-Options for more info* * * @return builder @@ -729,7 +729,7 @@ public Builder allowedUserKeyConfigs(@Nullable Output> allow /** * @param allowedUserKeyLengths Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type.\ * *Deprecated: use* allowed_user_key_config *instead* * * @return builder diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java index c33149c60..1272d2dae 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java @@ -45,7 +45,7 @@ public final class SecretBackendRoleAllowedUserKeyConfig { private List lengths; /** * @return The SSH public key type.\ - * *Supported key types are:* + * *Supported key types are:*\ * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` * @@ -89,7 +89,7 @@ public List lengths() { } /** * @return The SSH public key type.\ - * *Supported key types are:* + * *Supported key types are:*\ * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` * diff --git a/sdk/nodejs/aws/authBackendClient.ts b/sdk/nodejs/aws/authBackendClient.ts index 62c33c89a..d24537730 100644 --- a/sdk/nodejs/aws/authBackendClient.ts +++ b/sdk/nodejs/aws/authBackendClient.ts @@ -107,7 +107,7 @@ export class AuthBackendClient extends pulumi.CustomResource { * Available in Vault v1.15+. If set, * overrides both `stsEndpoint` and `stsRegion` to instead use the region * specified in the client request headers for IAM-based authentication. - * This can be useful when you have client requests coming from different + * This can be useful when you have client requests coming from different * regions and want flexibility in which regional STS API is used. */ public readonly useStsRegionFromClient!: pulumi.Output; @@ -211,7 +211,7 @@ export interface AuthBackendClientState { * Available in Vault v1.15+. If set, * overrides both `stsEndpoint` and `stsRegion` to instead use the region * specified in the client request headers for IAM-based authentication. - * This can be useful when you have client requests coming from different + * This can be useful when you have client requests coming from different * regions and want flexibility in which regional STS API is used. */ useStsRegionFromClient?: pulumi.Input; @@ -273,7 +273,7 @@ export interface AuthBackendClientArgs { * Available in Vault v1.15+. If set, * overrides both `stsEndpoint` and `stsRegion` to instead use the region * specified in the client request headers for IAM-based authentication. - * This can be useful when you have client requests coming from different + * This can be useful when you have client requests coming from different * regions and want flexibility in which regional STS API is used. */ useStsRegionFromClient?: pulumi.Input; diff --git a/sdk/nodejs/aws/secretBackendRole.ts b/sdk/nodejs/aws/secretBackendRole.ts index 7df69fc5e..4049d2044 100644 --- a/sdk/nodejs/aws/secretBackendRole.ts +++ b/sdk/nodejs/aws/secretBackendRole.ts @@ -116,8 +116,8 @@ export class SecretBackendRole extends pulumi.CustomResource { public readonly namespace!: pulumi.Output; /** * The ARN of the AWS Permissions - * Boundary to attach to IAM users created in the role. Valid only when - * `credentialType` is `iamUser`. If not specified, then no permissions boundary + * Boundary to attach to IAM users created in the role. Valid only when + * `credentialType` is `iamUser`. If not specified, then no permissions boundary * policy will be attached. */ public readonly permissionsBoundaryArn!: pulumi.Output; @@ -254,8 +254,8 @@ export interface SecretBackendRoleState { namespace?: pulumi.Input; /** * The ARN of the AWS Permissions - * Boundary to attach to IAM users created in the role. Valid only when - * `credentialType` is `iamUser`. If not specified, then no permissions boundary + * Boundary to attach to IAM users created in the role. Valid only when + * `credentialType` is `iamUser`. If not specified, then no permissions boundary * policy will be attached. */ permissionsBoundaryArn?: pulumi.Input; @@ -342,8 +342,8 @@ export interface SecretBackendRoleArgs { namespace?: pulumi.Input; /** * The ARN of the AWS Permissions - * Boundary to attach to IAM users created in the role. Valid only when - * `credentialType` is `iamUser`. If not specified, then no permissions boundary + * Boundary to attach to IAM users created in the role. Valid only when + * `credentialType` is `iamUser`. If not specified, then no permissions boundary * policy will be attached. */ permissionsBoundaryArn?: pulumi.Input; diff --git a/sdk/nodejs/azure/backend.ts b/sdk/nodejs/azure/backend.ts index f2ab64324..a19a1108b 100644 --- a/sdk/nodejs/azure/backend.ts +++ b/sdk/nodejs/azure/backend.ts @@ -66,11 +66,11 @@ export class Backend extends pulumi.CustomResource { } /** - * The OAuth2 client id to connect to Azure. + * (`string:""`) - The OAuth2 client id to connect to Azure. */ public readonly clientId!: pulumi.Output; /** - * The OAuth2 client secret to connect to Azure. + * (`string:""`) - The OAuth2 client secret to connect to Azure. */ public readonly clientSecret!: pulumi.Output; /** @@ -83,7 +83,7 @@ export class Backend extends pulumi.CustomResource { */ public readonly disableRemount!: pulumi.Output; /** - * The Azure environment. + * (`string:""`) - The Azure environment. */ public readonly environment!: pulumi.Output; /** @@ -94,20 +94,20 @@ export class Backend extends pulumi.CustomResource { */ public readonly namespace!: pulumi.Output; /** - * The unique path this backend should be mounted at. Defaults to `azure`. + * (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. */ public readonly path!: pulumi.Output; /** - * The subscription id for the Azure Active Directory. + * (`string: `) - The subscription id for the Azure Active Directory. */ public readonly subscriptionId!: pulumi.Output; /** - * The tenant id for the Azure Active Directory. + * (`string: `) - The tenant id for the Azure Active Directory. */ public readonly tenantId!: pulumi.Output; /** - * Indicates whether the secrets engine should use - * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + * (`bool: `) - Indicates whether the secrets engine should use + * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) */ public readonly useMicrosoftGraphApi!: pulumi.Output; @@ -166,11 +166,11 @@ export class Backend extends pulumi.CustomResource { */ export interface BackendState { /** - * The OAuth2 client id to connect to Azure. + * (`string:""`) - The OAuth2 client id to connect to Azure. */ clientId?: pulumi.Input; /** - * The OAuth2 client secret to connect to Azure. + * (`string:""`) - The OAuth2 client secret to connect to Azure. */ clientSecret?: pulumi.Input; /** @@ -183,7 +183,7 @@ export interface BackendState { */ disableRemount?: pulumi.Input; /** - * The Azure environment. + * (`string:""`) - The Azure environment. */ environment?: pulumi.Input; /** @@ -194,20 +194,20 @@ export interface BackendState { */ namespace?: pulumi.Input; /** - * The unique path this backend should be mounted at. Defaults to `azure`. + * (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. */ path?: pulumi.Input; /** - * The subscription id for the Azure Active Directory. + * (`string: `) - The subscription id for the Azure Active Directory. */ subscriptionId?: pulumi.Input; /** - * The tenant id for the Azure Active Directory. + * (`string: `) - The tenant id for the Azure Active Directory. */ tenantId?: pulumi.Input; /** - * Indicates whether the secrets engine should use - * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + * (`bool: `) - Indicates whether the secrets engine should use + * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) */ useMicrosoftGraphApi?: pulumi.Input; @@ -218,11 +218,11 @@ export interface BackendState { */ export interface BackendArgs { /** - * The OAuth2 client id to connect to Azure. + * (`string:""`) - The OAuth2 client id to connect to Azure. */ clientId?: pulumi.Input; /** - * The OAuth2 client secret to connect to Azure. + * (`string:""`) - The OAuth2 client secret to connect to Azure. */ clientSecret?: pulumi.Input; /** @@ -235,7 +235,7 @@ export interface BackendArgs { */ disableRemount?: pulumi.Input; /** - * The Azure environment. + * (`string:""`) - The Azure environment. */ environment?: pulumi.Input; /** @@ -246,20 +246,20 @@ export interface BackendArgs { */ namespace?: pulumi.Input; /** - * The unique path this backend should be mounted at. Defaults to `azure`. + * (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. */ path?: pulumi.Input; /** - * The subscription id for the Azure Active Directory. + * (`string: `) - The subscription id for the Azure Active Directory. */ subscriptionId: pulumi.Input; /** - * The tenant id for the Azure Active Directory. + * (`string: `) - The tenant id for the Azure Active Directory. */ tenantId: pulumi.Input; /** - * Indicates whether the secrets engine should use - * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + * (`bool: `) - Indicates whether the secrets engine should use + * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) */ useMicrosoftGraphApi?: pulumi.Input; diff --git a/sdk/nodejs/azure/getAccessCredentials.ts b/sdk/nodejs/azure/getAccessCredentials.ts index e38e760bd..b2eefc4e3 100644 --- a/sdk/nodejs/azure/getAccessCredentials.ts +++ b/sdk/nodejs/azure/getAccessCredentials.ts @@ -54,7 +54,7 @@ export interface GetAccessCredentialsArgs { /** * The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` * *See the caveats section for more information on this field.* */ environment?: string; @@ -79,7 +79,7 @@ export interface GetAccessCredentialsArgs { numSecondsBetweenTests?: number; /** * If 'validate_creds' is true, - * the number of sequential successes required to validate generated + * the number of sequential successes required to validate generated * credentials. Defaults to 8. */ numSequentialSuccesses?: number; @@ -90,19 +90,19 @@ export interface GetAccessCredentialsArgs { role: string; /** * The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`. * *See the caveats section for more information on this field.* */ subscriptionId?: string; /** * The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`. * *See the caveats section for more information on this field.* */ tenantId?: string; /** * Whether generated credentials should be - * validated before being returned. Defaults to `false`, which returns + * validated before being returned. Defaults to `false`, which returns * credentials without checking whether they have fully propagated throughout * Azure Active Directory. Designating `true` activates testing. */ @@ -185,7 +185,7 @@ export interface GetAccessCredentialsOutputArgs { /** * The Azure environment to use during credential validation. * Defaults to the environment configured in the Vault backend. - * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` * *See the caveats section for more information on this field.* */ environment?: pulumi.Input; @@ -210,7 +210,7 @@ export interface GetAccessCredentialsOutputArgs { numSecondsBetweenTests?: pulumi.Input; /** * If 'validate_creds' is true, - * the number of sequential successes required to validate generated + * the number of sequential successes required to validate generated * credentials. Defaults to 8. */ numSequentialSuccesses?: pulumi.Input; @@ -221,19 +221,19 @@ export interface GetAccessCredentialsOutputArgs { role: pulumi.Input; /** * The subscription ID to use during credential - * validation. Defaults to the subscription ID configured in the Vault `backend`. + * validation. Defaults to the subscription ID configured in the Vault `backend`. * *See the caveats section for more information on this field.* */ subscriptionId?: pulumi.Input; /** * The tenant ID to use during credential validation. - * Defaults to the tenant ID configured in the Vault `backend`. + * Defaults to the tenant ID configured in the Vault `backend`. * *See the caveats section for more information on this field.* */ tenantId?: pulumi.Input; /** * Whether generated credentials should be - * validated before being returned. Defaults to `false`, which returns + * validated before being returned. Defaults to `false`, which returns * credentials without checking whether they have fully propagated throughout * Azure Active Directory. Designating `true` activates testing. */ diff --git a/sdk/nodejs/certAuthBackendRole.ts b/sdk/nodejs/certAuthBackendRole.ts index a68f0d2b6..f84601a22 100644 --- a/sdk/nodejs/certAuthBackendRole.ts +++ b/sdk/nodejs/certAuthBackendRole.ts @@ -137,7 +137,7 @@ export class CertAuthBackendRole extends pulumi.CustomResource { */ public readonly ocspQueryAllServers!: pulumi.Output; /** - * : A comma-separated list of OCSP + * A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -364,7 +364,7 @@ export interface CertAuthBackendRoleState { */ ocspQueryAllServers?: pulumi.Input; /** - * : A comma-separated list of OCSP + * A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. @@ -514,7 +514,7 @@ export interface CertAuthBackendRoleArgs { */ ocspQueryAllServers?: pulumi.Input; /** - * : A comma-separated list of OCSP + * A comma-separated list of OCSP * server addresses. If unset, the OCSP server is determined from the * AuthorityInformationAccess extension on the certificate being inspected. * Requires Vault version 1.13+. diff --git a/sdk/nodejs/generic/endpoint.ts b/sdk/nodejs/generic/endpoint.ts index 16ded45c2..4d36688d2 100644 --- a/sdk/nodejs/generic/endpoint.ts +++ b/sdk/nodejs/generic/endpoint.ts @@ -95,7 +95,7 @@ export class Endpoint extends pulumi.CustomResource { */ public readonly dataJson!: pulumi.Output; /** - * - (Optional) True/false. Set this to true if your + * True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. */ @@ -109,7 +109,7 @@ export class Endpoint extends pulumi.CustomResource { */ public readonly disableRead!: pulumi.Output; /** - * - (Optional) True/false. If set to true, + * True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `dataJson`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -146,7 +146,7 @@ export class Endpoint extends pulumi.CustomResource { */ public /*out*/ readonly writeDataJson!: pulumi.Output; /** - * - (Optional). A list of fields that should be returned + * . A list of fields that should be returned * in `writeDataJson` and `writeData`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -213,7 +213,7 @@ export interface EndpointState { */ dataJson?: pulumi.Input; /** - * - (Optional) True/false. Set this to true if your + * True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. */ @@ -227,7 +227,7 @@ export interface EndpointState { */ disableRead?: pulumi.Input; /** - * - (Optional) True/false. If set to true, + * True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `dataJson`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -264,7 +264,7 @@ export interface EndpointState { */ writeDataJson?: pulumi.Input; /** - * - (Optional). A list of fields that should be returned + * . A list of fields that should be returned * in `writeDataJson` and `writeData`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in @@ -285,7 +285,7 @@ export interface EndpointArgs { */ dataJson: pulumi.Input; /** - * - (Optional) True/false. Set this to true if your + * True/false. Set this to true if your * vault authentication is not able to delete the data or if the endpoint * does not support the `DELETE` method. Defaults to false. */ @@ -299,7 +299,7 @@ export interface EndpointArgs { */ disableRead?: pulumi.Input; /** - * - (Optional) True/false. If set to true, + * True/false. If set to true, * ignore any fields present when the endpoint is read but that were not * in `dataJson`. Also, if a field that was written is not returned when * the endpoint is read, treat that field as being up to date. You should @@ -323,7 +323,7 @@ export interface EndpointArgs { */ path: pulumi.Input; /** - * - (Optional). A list of fields that should be returned + * . A list of fields that should be returned * in `writeDataJson` and `writeData`. If omitted, data returned by * the write operation is not available to the resource or included in * state. This helps to avoid accidental storage of sensitive values in diff --git a/sdk/nodejs/identity/groupMemberGroupIds.ts b/sdk/nodejs/identity/groupMemberGroupIds.ts index 821454d83..4e0dae3f1 100644 --- a/sdk/nodejs/identity/groupMemberGroupIds.ts +++ b/sdk/nodejs/identity/groupMemberGroupIds.ts @@ -89,7 +89,7 @@ export class GroupMemberGroupIds extends pulumi.CustomResource { * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set * it equal to what is specified in the resource. * - * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource * are removed. */ @@ -152,7 +152,7 @@ export interface GroupMemberGroupIdsState { * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set * it equal to what is specified in the resource. * - * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource * are removed. */ @@ -184,7 +184,7 @@ export interface GroupMemberGroupIdsArgs { * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set * it equal to what is specified in the resource. * - * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource * are removed. */ diff --git a/sdk/nodejs/jwt/authBackend.ts b/sdk/nodejs/jwt/authBackend.ts index ef528cbaf..bfb083a0e 100644 --- a/sdk/nodejs/jwt/authBackend.ts +++ b/sdk/nodejs/jwt/authBackend.ts @@ -158,6 +158,7 @@ export class AuthBackend extends pulumi.CustomResource { /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * * tune - (Optional) Extra configuration block. Structure is documented below. * * The `tune` block is used to tune the auth backend: @@ -323,6 +324,7 @@ export interface AuthBackendState { /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * * tune - (Optional) Extra configuration block. Structure is documented below. * * The `tune` block is used to tune the auth backend: @@ -418,6 +420,7 @@ export interface AuthBackendArgs { /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * * tune - (Optional) Extra configuration block. Structure is documented below. * * The `tune` block is used to tune the auth backend: diff --git a/sdk/nodejs/jwt/authBackendRole.ts b/sdk/nodejs/jwt/authBackendRole.ts index f514898d0..f2ed2ba64 100644 --- a/sdk/nodejs/jwt/authBackendRole.ts +++ b/sdk/nodejs/jwt/authBackendRole.ts @@ -248,7 +248,7 @@ export class AuthBackendRole extends pulumi.CustomResource { public readonly userClaim!: pulumi.Output; /** * Specifies if the `userClaim` value uses - * [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + * [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) * syntax for referencing claims. By default, the `userClaim` value will not use JSON pointer. * Requires Vault 1.11+. */ @@ -502,7 +502,7 @@ export interface AuthBackendRoleState { userClaim?: pulumi.Input; /** * Specifies if the `userClaim` value uses - * [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + * [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) * syntax for referencing claims. By default, the `userClaim` value will not use JSON pointer. * Requires Vault 1.11+. */ @@ -672,7 +672,7 @@ export interface AuthBackendRoleArgs { userClaim: pulumi.Input; /** * Specifies if the `userClaim` value uses - * [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + * [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) * syntax for referencing claims. By default, the `userClaim` value will not use JSON pointer. * Requires Vault 1.11+. */ diff --git a/sdk/nodejs/kubernetes/secretBackend.ts b/sdk/nodejs/kubernetes/secretBackend.ts index 3f9713a1d..5fadba2b2 100644 --- a/sdk/nodejs/kubernetes/secretBackend.ts +++ b/sdk/nodejs/kubernetes/secretBackend.ts @@ -95,14 +95,14 @@ export class SecretBackend extends pulumi.CustomResource { public readonly externalEntropyAccess!: pulumi.Output; /** * A PEM-encoded CA certificate used by the - * secrets engine to verify the Kubernetes API server certificate. Defaults to the local + * secrets engine to verify the Kubernetes API server certificate. Defaults to the local * pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where * Vault is running. */ public readonly kubernetesCaCert!: pulumi.Output; /** * The Kubernetes API URL to connect to. Required if the - * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` * are not set on the host that Vault is running on. */ public readonly kubernetesHost!: pulumi.Output; @@ -135,7 +135,7 @@ export class SecretBackend extends pulumi.CustomResource { public readonly sealWrap!: pulumi.Output; /** * The JSON web token of the service account used by the - * secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + * secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault * is running in Kubernetes. */ public readonly serviceAccountJwt!: pulumi.Output; @@ -239,14 +239,14 @@ export interface SecretBackendState { externalEntropyAccess?: pulumi.Input; /** * A PEM-encoded CA certificate used by the - * secrets engine to verify the Kubernetes API server certificate. Defaults to the local + * secrets engine to verify the Kubernetes API server certificate. Defaults to the local * pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where * Vault is running. */ kubernetesCaCert?: pulumi.Input; /** * The Kubernetes API URL to connect to. Required if the - * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` * are not set on the host that Vault is running on. */ kubernetesHost?: pulumi.Input; @@ -279,7 +279,7 @@ export interface SecretBackendState { sealWrap?: pulumi.Input; /** * The JSON web token of the service account used by the - * secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + * secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault * is running in Kubernetes. */ serviceAccountJwt?: pulumi.Input; @@ -320,14 +320,14 @@ export interface SecretBackendArgs { externalEntropyAccess?: pulumi.Input; /** * A PEM-encoded CA certificate used by the - * secrets engine to verify the Kubernetes API server certificate. Defaults to the local + * secrets engine to verify the Kubernetes API server certificate. Defaults to the local * pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where * Vault is running. */ kubernetesCaCert?: pulumi.Input; /** * The Kubernetes API URL to connect to. Required if the - * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` * are not set on the host that Vault is running on. */ kubernetesHost?: pulumi.Input; @@ -360,7 +360,7 @@ export interface SecretBackendArgs { sealWrap?: pulumi.Input; /** * The JSON web token of the service account used by the - * secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + * secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault * is running in Kubernetes. */ serviceAccountJwt?: pulumi.Input; diff --git a/sdk/nodejs/kubernetes/secretBackendRole.ts b/sdk/nodejs/kubernetes/secretBackendRole.ts index 11e6ad35d..671c664c6 100644 --- a/sdk/nodejs/kubernetes/secretBackendRole.ts +++ b/sdk/nodejs/kubernetes/secretBackendRole.ts @@ -168,15 +168,15 @@ export class SecretBackendRole extends pulumi.CustomResource { public readonly extraLabels!: pulumi.Output<{[key: string]: string} | undefined>; /** * The Role or ClusterRole rules to use when generating - * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` - * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated + * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` + * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated * when credentials are requested. */ public readonly generatedRoleRules!: pulumi.Output; /** * The pre-existing Role or ClusterRole to bind a - * generated service account to. Mutually exclusive with `serviceAccountName` and - * `generatedRoleRules`. If set, Kubernetes token, service account, and role + * generated service account to. Mutually exclusive with `serviceAccountName` and + * `generatedRoleRules`. If set, Kubernetes token, service account, and role * binding objects will be created when credentials are requested. */ public readonly kubernetesRoleName!: pulumi.Output; @@ -297,15 +297,15 @@ export interface SecretBackendRoleState { extraLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The Role or ClusterRole rules to use when generating - * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` - * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated + * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` + * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated * when credentials are requested. */ generatedRoleRules?: pulumi.Input; /** * The pre-existing Role or ClusterRole to bind a - * generated service account to. Mutually exclusive with `serviceAccountName` and - * `generatedRoleRules`. If set, Kubernetes token, service account, and role + * generated service account to. Mutually exclusive with `serviceAccountName` and + * `generatedRoleRules`. If set, Kubernetes token, service account, and role * binding objects will be created when credentials are requested. */ kubernetesRoleName?: pulumi.Input; @@ -374,15 +374,15 @@ export interface SecretBackendRoleArgs { extraLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The Role or ClusterRole rules to use when generating - * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` - * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated + * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` + * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated * when credentials are requested. */ generatedRoleRules?: pulumi.Input; /** * The pre-existing Role or ClusterRole to bind a - * generated service account to. Mutually exclusive with `serviceAccountName` and - * `generatedRoleRules`. If set, Kubernetes token, service account, and role + * generated service account to. Mutually exclusive with `serviceAccountName` and + * `generatedRoleRules`. If set, Kubernetes token, service account, and role * binding objects will be created when credentials are requested. */ kubernetesRoleName?: pulumi.Input; diff --git a/sdk/nodejs/mfaOkta.ts b/sdk/nodejs/mfaOkta.ts index 1dd3ab587..ea72cd87d 100644 --- a/sdk/nodejs/mfaOkta.ts +++ b/sdk/nodejs/mfaOkta.ts @@ -99,7 +99,7 @@ export class MfaOkta extends pulumi.CustomResource { public readonly primaryEmail!: pulumi.Output; /** * `(string)` - A format string for mapping Identity names to MFA method names. - * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. * If blank, the Alias's Name field will be used as-is. Currently-supported mappings: * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter * - entity.name: The name configured for the Entity @@ -196,7 +196,7 @@ export interface MfaOktaState { primaryEmail?: pulumi.Input; /** * `(string)` - A format string for mapping Identity names to MFA method names. - * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. * If blank, the Alias's Name field will be used as-is. Currently-supported mappings: * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter * - entity.name: The name configured for the Entity @@ -246,7 +246,7 @@ export interface MfaOktaArgs { primaryEmail?: pulumi.Input; /** * `(string)` - A format string for mapping Identity names to MFA method names. - * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. * If blank, the Alias's Name field will be used as-is. Currently-supported mappings: * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter * - entity.name: The name configured for the Entity diff --git a/sdk/nodejs/mfaPingid.ts b/sdk/nodejs/mfaPingid.ts index 20a455e96..f85d5d4b0 100644 --- a/sdk/nodejs/mfaPingid.ts +++ b/sdk/nodejs/mfaPingid.ts @@ -115,7 +115,7 @@ export class MfaPingid extends pulumi.CustomResource { public /*out*/ readonly useSignature!: pulumi.Output; /** * `(string)` - A format string for mapping Identity names to MFA method names. - * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. * If blank, the Alias's Name field will be used as-is. Currently-supported mappings: * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter * - entity.name: The name configured for the Entity @@ -230,7 +230,7 @@ export interface MfaPingidState { useSignature?: pulumi.Input; /** * `(string)` - A format string for mapping Identity names to MFA method names. - * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. * If blank, the Alias's Name field will be used as-is. Currently-supported mappings: * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter * - entity.name: The name configured for the Entity @@ -267,7 +267,7 @@ export interface MfaPingidArgs { settingsFileBase64: pulumi.Input; /** * `(string)` - A format string for mapping Identity names to MFA method names. - * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. * If blank, the Alias's Name field will be used as-is. Currently-supported mappings: * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter * - entity.name: The name configured for the Entity diff --git a/sdk/nodejs/pkisecret/secretBackendKey.ts b/sdk/nodejs/pkisecret/secretBackendKey.ts index 022177522..b99b28676 100644 --- a/sdk/nodejs/pkisecret/secretBackendKey.ts +++ b/sdk/nodejs/pkisecret/secretBackendKey.ts @@ -50,7 +50,7 @@ export class SecretBackendKey extends pulumi.CustomResource { /** * Specifies the number of bits to use for the generated keys. * Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), * 384, or 521; ignored with `key_type=ed25519`. */ public readonly keyBits!: pulumi.Output; @@ -143,7 +143,7 @@ export interface SecretBackendKeyState { /** * Specifies the number of bits to use for the generated keys. * Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), * 384, or 521; ignored with `key_type=ed25519`. */ keyBits?: pulumi.Input; @@ -192,7 +192,7 @@ export interface SecretBackendKeyArgs { /** * Specifies the number of bits to use for the generated keys. * Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), * 384, or 521; ignored with `key_type=ed25519`. */ keyBits?: pulumi.Input; diff --git a/sdk/nodejs/saml/authBackend.ts b/sdk/nodejs/saml/authBackend.ts index bda331b03..fd570d4fd 100644 --- a/sdk/nodejs/saml/authBackend.ts +++ b/sdk/nodejs/saml/authBackend.ts @@ -111,7 +111,7 @@ export class AuthBackend extends pulumi.CustomResource { public readonly path!: pulumi.Output; /** * If set to `true`, logs additional, potentially sensitive - * information during the SAML exchange according to the current logging level. Not + * information during the SAML exchange according to the current logging level. Not * recommended for production. */ public readonly verboseLogging!: pulumi.Output; @@ -220,7 +220,7 @@ export interface AuthBackendState { path?: pulumi.Input; /** * If set to `true`, logs additional, potentially sensitive - * information during the SAML exchange according to the current logging level. Not + * information during the SAML exchange according to the current logging level. Not * recommended for production. */ verboseLogging?: pulumi.Input; @@ -281,7 +281,7 @@ export interface AuthBackendArgs { path?: pulumi.Input; /** * If set to `true`, logs additional, potentially sensitive - * information during the SAML exchange according to the current logging level. Not + * information during the SAML exchange according to the current logging level. Not * recommended for production. */ verboseLogging?: pulumi.Input; diff --git a/sdk/nodejs/ssh/secretBackendRole.ts b/sdk/nodejs/ssh/secretBackendRole.ts index 414df8de7..dd991e6be 100644 --- a/sdk/nodejs/ssh/secretBackendRole.ts +++ b/sdk/nodejs/ssh/secretBackendRole.ts @@ -110,13 +110,13 @@ export class SecretBackendRole extends pulumi.CustomResource { public readonly allowedExtensions!: pulumi.Output; /** * Set of configuration blocks to define allowed - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times. * *See Configuration-Options for more info* */ public readonly allowedUserKeyConfigs!: pulumi.Output; /** * Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type. * *Deprecated: use* allowedUserKeyConfig *instead* * * @deprecated Set in allowed_user_key_config @@ -315,13 +315,13 @@ export interface SecretBackendRoleState { allowedExtensions?: pulumi.Input; /** * Set of configuration blocks to define allowed - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times. * *See Configuration-Options for more info* */ allowedUserKeyConfigs?: pulumi.Input[]>; /** * Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type. * *Deprecated: use* allowedUserKeyConfig *instead* * * @deprecated Set in allowed_user_key_config @@ -440,13 +440,13 @@ export interface SecretBackendRoleArgs { allowedExtensions?: pulumi.Input; /** * Set of configuration blocks to define allowed - * user key configuration, like key type and their lengths. Can be specified multiple times. + * user key configuration, like key type and their lengths. Can be specified multiple times. * *See Configuration-Options for more info* */ allowedUserKeyConfigs?: pulumi.Input[]>; /** * Specifies a map of ssh key types and their expected sizes which - * are allowed to be signed by the CA type. + * are allowed to be signed by the CA type. * *Deprecated: use* allowedUserKeyConfig *instead* * * @deprecated Set in allowed_user_key_config diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 5f1e185e7..969da446c 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -1450,7 +1450,7 @@ export namespace database { connectionUrl?: pulumi.Input; /** * For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL. * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) */ containedDb?: pulumi.Input; @@ -2556,7 +2556,7 @@ export namespace ssh { lengths: pulumi.Input[]>; /** * The SSH public key type. - * *Supported key types are:* + * *Supported key types are:* * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` */ diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 02191b4a6..1564331e3 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -1395,7 +1395,7 @@ export namespace database { connectionUrl?: string; /** * For Vault v1.9+. Set to true when the target is a - * Contained Database, e.g. AzureSQL. + * Contained Database, e.g. AzureSQL. * See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) */ containedDb?: boolean; @@ -2553,7 +2553,7 @@ export namespace ssh { lengths: number[]; /** * The SSH public key type. - * *Supported key types are:* + * *Supported key types are:* * `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, * `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` */ diff --git a/sdk/python/pulumi_vault/aws/auth_backend_client.py b/sdk/python/pulumi_vault/aws/auth_backend_client.py index 589d45ed4..94efc8c17 100644 --- a/sdk/python/pulumi_vault/aws/auth_backend_client.py +++ b/sdk/python/pulumi_vault/aws/auth_backend_client.py @@ -50,7 +50,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, overrides both `sts_endpoint` and `sts_region` to instead use the region specified in the client request headers for IAM-based authentication. - This can be useful when you have client requests coming from different + This can be useful when you have client requests coming from different regions and want flexibility in which regional STS API is used. """ if access_key is not None: @@ -201,7 +201,7 @@ def use_sts_region_from_client(self) -> Optional[pulumi.Input[bool]]: Available in Vault v1.15+. If set, overrides both `sts_endpoint` and `sts_region` to instead use the region specified in the client request headers for IAM-based authentication. - This can be useful when you have client requests coming from different + This can be useful when you have client requests coming from different regions and want flexibility in which regional STS API is used. """ return pulumi.get(self, "use_sts_region_from_client") @@ -250,7 +250,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, overrides both `sts_endpoint` and `sts_region` to instead use the region specified in the client request headers for IAM-based authentication. - This can be useful when you have client requests coming from different + This can be useful when you have client requests coming from different regions and want flexibility in which regional STS API is used. """ if access_key is not None: @@ -401,7 +401,7 @@ def use_sts_region_from_client(self) -> Optional[pulumi.Input[bool]]: Available in Vault v1.15+. If set, overrides both `sts_endpoint` and `sts_region` to instead use the region specified in the client request headers for IAM-based authentication. - This can be useful when you have client requests coming from different + This can be useful when you have client requests coming from different regions and want flexibility in which regional STS API is used. """ return pulumi.get(self, "use_sts_region_from_client") @@ -475,7 +475,7 @@ def __init__(__self__, :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, overrides both `sts_endpoint` and `sts_region` to instead use the region specified in the client request headers for IAM-based authentication. - This can be useful when you have client requests coming from different + This can be useful when you have client requests coming from different regions and want flexibility in which regional STS API is used. """ ... @@ -603,7 +603,7 @@ def get(resource_name: str, :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, overrides both `sts_endpoint` and `sts_region` to instead use the region specified in the client request headers for IAM-based authentication. - This can be useful when you have client requests coming from different + This can be useful when you have client requests coming from different regions and want flexibility in which regional STS API is used. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -713,7 +713,7 @@ def use_sts_region_from_client(self) -> pulumi.Output[bool]: Available in Vault v1.15+. If set, overrides both `sts_endpoint` and `sts_region` to instead use the region specified in the client request headers for IAM-based authentication. - This can be useful when you have client requests coming from different + This can be useful when you have client requests coming from different regions and want flexibility in which regional STS API is used. """ return pulumi.get(self, "use_sts_region_from_client") diff --git a/sdk/python/pulumi_vault/aws/secret_backend_role.py b/sdk/python/pulumi_vault/aws/secret_backend_role.py index 5984ca483..2f67e33c9 100644 --- a/sdk/python/pulumi_vault/aws/secret_backend_role.py +++ b/sdk/python/pulumi_vault/aws/secret_backend_role.py @@ -54,8 +54,8 @@ def __init__(__self__, *, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions - Boundary to attach to IAM users created in the role. Valid only when - `credential_type` is `iam_user`. If not specified, then no permissions boundary + Boundary to attach to IAM users created in the role. Valid only when + `credential_type` is `iam_user`. If not specified, then no permissions boundary policy will be attached. :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_arns: Specifies a list of AWS managed policy ARNs. The behavior depends on the credential type. With `iam_user`, the policies will be @@ -205,8 +205,8 @@ def namespace(self, value: Optional[pulumi.Input[str]]): def permissions_boundary_arn(self) -> Optional[pulumi.Input[str]]: """ The ARN of the AWS Permissions - Boundary to attach to IAM users created in the role. Valid only when - `credential_type` is `iam_user`. If not specified, then no permissions boundary + Boundary to attach to IAM users created in the role. Valid only when + `credential_type` is `iam_user`. If not specified, then no permissions boundary policy will be attached. """ return pulumi.get(self, "permissions_boundary_arn") @@ -320,8 +320,8 @@ def __init__(__self__, *, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions - Boundary to attach to IAM users created in the role. Valid only when - `credential_type` is `iam_user`. If not specified, then no permissions boundary + Boundary to attach to IAM users created in the role. Valid only when + `credential_type` is `iam_user`. If not specified, then no permissions boundary policy will be attached. :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_arns: Specifies a list of AWS managed policy ARNs. The behavior depends on the credential type. With `iam_user`, the policies will be @@ -473,8 +473,8 @@ def namespace(self, value: Optional[pulumi.Input[str]]): def permissions_boundary_arn(self) -> Optional[pulumi.Input[str]]: """ The ARN of the AWS Permissions - Boundary to attach to IAM users created in the role. Valid only when - `credential_type` is `iam_user`. If not specified, then no permissions boundary + Boundary to attach to IAM users created in the role. Valid only when + `credential_type` is `iam_user`. If not specified, then no permissions boundary policy will be attached. """ return pulumi.get(self, "permissions_boundary_arn") @@ -625,8 +625,8 @@ def __init__(__self__, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions - Boundary to attach to IAM users created in the role. Valid only when - `credential_type` is `iam_user`. If not specified, then no permissions boundary + Boundary to attach to IAM users created in the role. Valid only when + `credential_type` is `iam_user`. If not specified, then no permissions boundary policy will be attached. :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_arns: Specifies a list of AWS managed policy ARNs. The behavior depends on the credential type. With `iam_user`, the policies will be @@ -793,8 +793,8 @@ def get(resource_name: str, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions - Boundary to attach to IAM users created in the role. Valid only when - `credential_type` is `iam_user`. If not specified, then no permissions boundary + Boundary to attach to IAM users created in the role. Valid only when + `credential_type` is `iam_user`. If not specified, then no permissions boundary policy will be attached. :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_arns: Specifies a list of AWS managed policy ARNs. The behavior depends on the credential type. With `iam_user`, the policies will be @@ -911,8 +911,8 @@ def namespace(self) -> pulumi.Output[Optional[str]]: def permissions_boundary_arn(self) -> pulumi.Output[Optional[str]]: """ The ARN of the AWS Permissions - Boundary to attach to IAM users created in the role. Valid only when - `credential_type` is `iam_user`. If not specified, then no permissions boundary + Boundary to attach to IAM users created in the role. Valid only when + `credential_type` is `iam_user`. If not specified, then no permissions boundary policy will be attached. """ return pulumi.get(self, "permissions_boundary_arn") diff --git a/sdk/python/pulumi_vault/azure/backend.py b/sdk/python/pulumi_vault/azure/backend.py index ea61dabec..3c548bbd0 100644 --- a/sdk/python/pulumi_vault/azure/backend.py +++ b/sdk/python/pulumi_vault/azure/backend.py @@ -26,21 +26,21 @@ def __init__(__self__, *, use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None): """ The set of arguments for constructing a Backend resource. - :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. - :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] subscription_id: (`string: `) - The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: (`string: `) - The tenant id for the Azure Active Directory. + :param pulumi.Input[str] client_id: (`string:""`) - The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: (`string:""`) - The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: The Azure environment. + :param pulumi.Input[str] environment: (`string:""`) - The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use - the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + :param pulumi.Input[str] path: (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[bool] use_microsoft_graph_api: (`bool: `) - Indicates whether the secrets engine should use + the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ pulumi.set(__self__, "subscription_id", subscription_id) @@ -66,7 +66,7 @@ def __init__(__self__, *, @pulumi.getter(name="subscriptionId") def subscription_id(self) -> pulumi.Input[str]: """ - The subscription id for the Azure Active Directory. + (`string: `) - The subscription id for the Azure Active Directory. """ return pulumi.get(self, "subscription_id") @@ -78,7 +78,7 @@ def subscription_id(self, value: pulumi.Input[str]): @pulumi.getter(name="tenantId") def tenant_id(self) -> pulumi.Input[str]: """ - The tenant id for the Azure Active Directory. + (`string: `) - The tenant id for the Azure Active Directory. """ return pulumi.get(self, "tenant_id") @@ -90,7 +90,7 @@ def tenant_id(self, value: pulumi.Input[str]): @pulumi.getter(name="clientId") def client_id(self) -> Optional[pulumi.Input[str]]: """ - The OAuth2 client id to connect to Azure. + (`string:""`) - The OAuth2 client id to connect to Azure. """ return pulumi.get(self, "client_id") @@ -102,7 +102,7 @@ def client_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="clientSecret") def client_secret(self) -> Optional[pulumi.Input[str]]: """ - The OAuth2 client secret to connect to Azure. + (`string:""`) - The OAuth2 client secret to connect to Azure. """ return pulumi.get(self, "client_secret") @@ -139,7 +139,7 @@ def disable_remount(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def environment(self) -> Optional[pulumi.Input[str]]: """ - The Azure environment. + (`string:""`) - The Azure environment. """ return pulumi.get(self, "environment") @@ -166,7 +166,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: """ - The unique path this backend should be mounted at. Defaults to `azure`. + (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. """ return pulumi.get(self, "path") @@ -178,8 +178,8 @@ def path(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="useMicrosoftGraphApi") def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]: """ - Indicates whether the secrets engine should use - the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + (`bool: `) - Indicates whether the secrets engine should use + the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ return pulumi.get(self, "use_microsoft_graph_api") @@ -204,21 +204,21 @@ def __init__(__self__, *, use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None): """ Input properties used for looking up and filtering Backend resources. - :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] client_id: (`string:""`) - The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: (`string:""`) - The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: The Azure environment. + :param pulumi.Input[str] environment: (`string:""`) - The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. - :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use - the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + :param pulumi.Input[str] path: (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[str] subscription_id: (`string: `) - The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: (`string: `) - The tenant id for the Azure Active Directory. + :param pulumi.Input[bool] use_microsoft_graph_api: (`bool: `) - Indicates whether the secrets engine should use + the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ if client_id is not None: @@ -246,7 +246,7 @@ def __init__(__self__, *, @pulumi.getter(name="clientId") def client_id(self) -> Optional[pulumi.Input[str]]: """ - The OAuth2 client id to connect to Azure. + (`string:""`) - The OAuth2 client id to connect to Azure. """ return pulumi.get(self, "client_id") @@ -258,7 +258,7 @@ def client_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="clientSecret") def client_secret(self) -> Optional[pulumi.Input[str]]: """ - The OAuth2 client secret to connect to Azure. + (`string:""`) - The OAuth2 client secret to connect to Azure. """ return pulumi.get(self, "client_secret") @@ -295,7 +295,7 @@ def disable_remount(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def environment(self) -> Optional[pulumi.Input[str]]: """ - The Azure environment. + (`string:""`) - The Azure environment. """ return pulumi.get(self, "environment") @@ -322,7 +322,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: """ - The unique path this backend should be mounted at. Defaults to `azure`. + (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. """ return pulumi.get(self, "path") @@ -334,7 +334,7 @@ def path(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="subscriptionId") def subscription_id(self) -> Optional[pulumi.Input[str]]: """ - The subscription id for the Azure Active Directory. + (`string: `) - The subscription id for the Azure Active Directory. """ return pulumi.get(self, "subscription_id") @@ -346,7 +346,7 @@ def subscription_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="tenantId") def tenant_id(self) -> Optional[pulumi.Input[str]]: """ - The tenant id for the Azure Active Directory. + (`string: `) - The tenant id for the Azure Active Directory. """ return pulumi.get(self, "tenant_id") @@ -358,8 +358,8 @@ def tenant_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="useMicrosoftGraphApi") def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]: """ - Indicates whether the secrets engine should use - the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + (`bool: `) - Indicates whether the secrets engine should use + the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ return pulumi.get(self, "use_microsoft_graph_api") @@ -418,21 +418,21 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] client_id: (`string:""`) - The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: (`string:""`) - The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: The Azure environment. + :param pulumi.Input[str] environment: (`string:""`) - The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. - :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use - the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + :param pulumi.Input[str] path: (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[str] subscription_id: (`string: `) - The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: (`string: `) - The tenant id for the Azure Active Directory. + :param pulumi.Input[bool] use_microsoft_graph_api: (`bool: `) - Indicates whether the secrets engine should use + the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ ... @@ -549,21 +549,21 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] client_id: (`string:""`) - The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: (`string:""`) - The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: The Azure environment. + :param pulumi.Input[str] environment: (`string:""`) - The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. - :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use - the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + :param pulumi.Input[str] path: (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[str] subscription_id: (`string: `) - The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: (`string: `) - The tenant id for the Azure Active Directory. + :param pulumi.Input[bool] use_microsoft_graph_api: (`bool: `) - Indicates whether the secrets engine should use + the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -586,7 +586,7 @@ def get(resource_name: str, @pulumi.getter(name="clientId") def client_id(self) -> pulumi.Output[Optional[str]]: """ - The OAuth2 client id to connect to Azure. + (`string:""`) - The OAuth2 client id to connect to Azure. """ return pulumi.get(self, "client_id") @@ -594,7 +594,7 @@ def client_id(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="clientSecret") def client_secret(self) -> pulumi.Output[Optional[str]]: """ - The OAuth2 client secret to connect to Azure. + (`string:""`) - The OAuth2 client secret to connect to Azure. """ return pulumi.get(self, "client_secret") @@ -619,7 +619,7 @@ def disable_remount(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter def environment(self) -> pulumi.Output[Optional[str]]: """ - The Azure environment. + (`string:""`) - The Azure environment. """ return pulumi.get(self, "environment") @@ -638,7 +638,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def path(self) -> pulumi.Output[Optional[str]]: """ - The unique path this backend should be mounted at. Defaults to `azure`. + (`string: `) - The unique path this backend should be mounted at. Defaults to `azure`. """ return pulumi.get(self, "path") @@ -646,7 +646,7 @@ def path(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="subscriptionId") def subscription_id(self) -> pulumi.Output[str]: """ - The subscription id for the Azure Active Directory. + (`string: `) - The subscription id for the Azure Active Directory. """ return pulumi.get(self, "subscription_id") @@ -654,7 +654,7 @@ def subscription_id(self) -> pulumi.Output[str]: @pulumi.getter(name="tenantId") def tenant_id(self) -> pulumi.Output[str]: """ - The tenant id for the Azure Active Directory. + (`string: `) - The tenant id for the Azure Active Directory. """ return pulumi.get(self, "tenant_id") @@ -662,8 +662,8 @@ def tenant_id(self) -> pulumi.Output[str]: @pulumi.getter(name="useMicrosoftGraphApi") def use_microsoft_graph_api(self) -> pulumi.Output[bool]: """ - Indicates whether the secrets engine should use - the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + (`bool: `) - Indicates whether the secrets engine should use + the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ return pulumi.get(self, "use_microsoft_graph_api") diff --git a/sdk/python/pulumi_vault/azure/get_access_credentials.py b/sdk/python/pulumi_vault/azure/get_access_credentials.py index b88e0766b..5049765b6 100644 --- a/sdk/python/pulumi_vault/azure/get_access_credentials.py +++ b/sdk/python/pulumi_vault/azure/get_access_credentials.py @@ -237,7 +237,7 @@ def get_access_credentials(backend: Optional[str] = None, read credentials from, with no leading or trailing `/`s. :param str environment: The Azure environment to use during credential validation. Defaults to the environment configured in the Vault backend. - Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` *See the caveats section for more information on this field.* :param int max_cred_validation_seconds: If 'validate_creds' is true, the number of seconds after which to give up validating credentials. Defaults @@ -250,18 +250,18 @@ def get_access_credentials(backend: Optional[str] = None, the number of seconds to wait between each test of generated credentials. Defaults to 1. :param int num_sequential_successes: If 'validate_creds' is true, - the number of sequential successes required to validate generated + the number of sequential successes required to validate generated credentials. Defaults to 8. :param str role: The name of the Azure secret backend role to read credentials from, with no leading or trailing `/`s. :param str subscription_id: The subscription ID to use during credential - validation. Defaults to the subscription ID configured in the Vault `backend`. + validation. Defaults to the subscription ID configured in the Vault `backend`. *See the caveats section for more information on this field.* :param str tenant_id: The tenant ID to use during credential validation. - Defaults to the tenant ID configured in the Vault `backend`. + Defaults to the tenant ID configured in the Vault `backend`. *See the caveats section for more information on this field.* :param bool validate_creds: Whether generated credentials should be - validated before being returned. Defaults to `false`, which returns + validated before being returned. Defaults to `false`, which returns credentials without checking whether they have fully propagated throughout Azure Active Directory. Designating `true` activates testing. """ @@ -335,7 +335,7 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None, read credentials from, with no leading or trailing `/`s. :param str environment: The Azure environment to use during credential validation. Defaults to the environment configured in the Vault backend. - Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` + Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` *See the caveats section for more information on this field.* :param int max_cred_validation_seconds: If 'validate_creds' is true, the number of seconds after which to give up validating credentials. Defaults @@ -348,18 +348,18 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None, the number of seconds to wait between each test of generated credentials. Defaults to 1. :param int num_sequential_successes: If 'validate_creds' is true, - the number of sequential successes required to validate generated + the number of sequential successes required to validate generated credentials. Defaults to 8. :param str role: The name of the Azure secret backend role to read credentials from, with no leading or trailing `/`s. :param str subscription_id: The subscription ID to use during credential - validation. Defaults to the subscription ID configured in the Vault `backend`. + validation. Defaults to the subscription ID configured in the Vault `backend`. *See the caveats section for more information on this field.* :param str tenant_id: The tenant ID to use during credential validation. - Defaults to the tenant ID configured in the Vault `backend`. + Defaults to the tenant ID configured in the Vault `backend`. *See the caveats section for more information on this field.* :param bool validate_creds: Whether generated credentials should be - validated before being returned. Defaults to `false`, which returns + validated before being returned. Defaults to `false`, which returns credentials without checking whether they have fully propagated throughout Azure Active Directory. Designating `true` activates testing. """ diff --git a/sdk/python/pulumi_vault/cert_auth_backend_role.py b/sdk/python/pulumi_vault/cert_auth_backend_role.py index b2d98e52c..add412c35 100644 --- a/sdk/python/pulumi_vault/cert_auth_backend_role.py +++ b/sdk/python/pulumi_vault/cert_auth_backend_role.py @@ -71,7 +71,7 @@ def __init__(__self__, *, accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree. Requires Vault version 1.13+. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected. Requires Vault version 1.13+. @@ -372,7 +372,7 @@ def ocsp_query_all_servers(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="ocspServersOverrides") def ocsp_servers_overrides(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - : A comma-separated list of OCSP + A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected. Requires Vault version 1.13+. @@ -584,7 +584,7 @@ def __init__(__self__, *, accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree. Requires Vault version 1.13+. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected. Requires Vault version 1.13+. @@ -886,7 +886,7 @@ def ocsp_query_all_servers(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="ocspServersOverrides") def ocsp_servers_overrides(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - : A comma-separated list of OCSP + A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected. Requires Vault version 1.13+. @@ -1125,7 +1125,7 @@ def __init__(__self__, accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree. Requires Vault version 1.13+. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected. Requires Vault version 1.13+. @@ -1342,7 +1342,7 @@ def get(resource_name: str, accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree. Requires Vault version 1.13+. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected. Requires Vault version 1.13+. @@ -1555,7 +1555,7 @@ def ocsp_query_all_servers(self) -> pulumi.Output[bool]: @pulumi.getter(name="ocspServersOverrides") def ocsp_servers_overrides(self) -> pulumi.Output[Optional[Sequence[str]]]: """ - : A comma-separated list of OCSP + A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected. Requires Vault version 1.13+. diff --git a/sdk/python/pulumi_vault/database/_inputs.py b/sdk/python/pulumi_vault/database/_inputs.py index 8262f085d..0deb2ae01 100644 --- a/sdk/python/pulumi_vault/database/_inputs.py +++ b/sdk/python/pulumi_vault/database/_inputs.py @@ -4212,7 +4212,7 @@ def __init__(__self__, *, :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[bool] contained_db: For Vault v1.9+. Set to true when the target is a - Contained Database, e.g. AzureSQL. + Contained Database, e.g. AzureSQL. See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. @@ -4301,7 +4301,7 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def contained_db(self) -> Optional[pulumi.Input[bool]]: """ For Vault v1.9+. Set to true when the target is a - Contained Database, e.g. AzureSQL. + Contained Database, e.g. AzureSQL. See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) """ return pulumi.get(self, "contained_db") diff --git a/sdk/python/pulumi_vault/database/outputs.py b/sdk/python/pulumi_vault/database/outputs.py index ad14e799d..9f0585882 100644 --- a/sdk/python/pulumi_vault/database/outputs.py +++ b/sdk/python/pulumi_vault/database/outputs.py @@ -3967,7 +3967,7 @@ def __init__(__self__, *, :param str connection_url: Specifies the Redshift DSN. See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param bool contained_db: For Vault v1.9+. Set to true when the target is a - Contained Database, e.g. AzureSQL. + Contained Database, e.g. AzureSQL. See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. @@ -4044,7 +4044,7 @@ def connection_url(self) -> Optional[str]: def contained_db(self) -> Optional[bool]: """ For Vault v1.9+. Set to true when the target is a - Contained Database, e.g. AzureSQL. + Contained Database, e.g. AzureSQL. See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) """ return pulumi.get(self, "contained_db") diff --git a/sdk/python/pulumi_vault/generic/endpoint.py b/sdk/python/pulumi_vault/generic/endpoint.py index c2521f44c..671aac0fa 100644 --- a/sdk/python/pulumi_vault/generic/endpoint.py +++ b/sdk/python/pulumi_vault/generic/endpoint.py @@ -29,7 +29,7 @@ def __init__(__self__, *, data. Consult each backend's documentation to see which endpoints support the `PUT` methods and to determine whether they also support `DELETE` and `GET`. - :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + :param pulumi.Input[bool] disable_delete: True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault @@ -37,7 +37,7 @@ def __init__(__self__, *, not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + :param pulumi.Input[bool] ignore_absent_fields: True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `data_json`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should @@ -48,7 +48,7 @@ def __init__(__self__, *, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: . A list of fields that should be returned in `write_data_json` and `write_data`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in @@ -101,7 +101,7 @@ def path(self, value: pulumi.Input[str]): @pulumi.getter(name="disableDelete") def disable_delete(self) -> Optional[pulumi.Input[bool]]: """ - - (Optional) True/false. Set this to true if your + True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false. """ @@ -131,7 +131,7 @@ def disable_read(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="ignoreAbsentFields") def ignore_absent_fields(self) -> Optional[pulumi.Input[bool]]: """ - - (Optional) True/false. If set to true, + True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `data_json`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should @@ -164,7 +164,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="writeFields") def write_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - - (Optional). A list of fields that should be returned + . A list of fields that should be returned in `write_data_json` and `write_data`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in @@ -195,7 +195,7 @@ def __init__(__self__, *, Input properties used for looking up and filtering Endpoint resources. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be written to the given path as the secret data. - :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + :param pulumi.Input[bool] disable_delete: True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault @@ -203,7 +203,7 @@ def __init__(__self__, *, not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + :param pulumi.Input[bool] ignore_absent_fields: True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `data_json`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should @@ -225,7 +225,7 @@ def __init__(__self__, *, Only fields set in `write_fields` are present in the JSON data. :param pulumi.Input[str] write_data_json: - The JSON data returned by the write operation. Only fields set in `write_fields` are present in the JSON data. - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: . A list of fields that should be returned in `write_data_json` and `write_data`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in @@ -269,7 +269,7 @@ def data_json(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="disableDelete") def disable_delete(self) -> Optional[pulumi.Input[bool]]: """ - - (Optional) True/false. Set this to true if your + True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false. """ @@ -299,7 +299,7 @@ def disable_read(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="ignoreAbsentFields") def ignore_absent_fields(self) -> Optional[pulumi.Input[bool]]: """ - - (Optional) True/false. If set to true, + True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `data_json`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should @@ -376,7 +376,7 @@ def write_data_json(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="writeFields") def write_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - - (Optional). A list of fields that should be returned + . A list of fields that should be returned in `write_data_json` and `write_data`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in @@ -459,7 +459,7 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be written to the given path as the secret data. - :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + :param pulumi.Input[bool] disable_delete: True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault @@ -467,7 +467,7 @@ def __init__(__self__, not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + :param pulumi.Input[bool] ignore_absent_fields: True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `data_json`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should @@ -482,7 +482,7 @@ def __init__(__self__, data. Consult each backend's documentation to see which endpoints support the `PUT` methods and to determine whether they also support `DELETE` and `GET`. - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: . A list of fields that should be returned in `write_data_json` and `write_data`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in @@ -621,7 +621,7 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be written to the given path as the secret data. - :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + :param pulumi.Input[bool] disable_delete: True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault @@ -629,7 +629,7 @@ def get(resource_name: str, not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + :param pulumi.Input[bool] ignore_absent_fields: True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `data_json`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should @@ -651,7 +651,7 @@ def get(resource_name: str, Only fields set in `write_fields` are present in the JSON data. :param pulumi.Input[str] write_data_json: - The JSON data returned by the write operation. Only fields set in `write_fields` are present in the JSON data. - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: . A list of fields that should be returned in `write_data_json` and `write_data`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in @@ -687,7 +687,7 @@ def data_json(self) -> pulumi.Output[str]: @pulumi.getter(name="disableDelete") def disable_delete(self) -> pulumi.Output[Optional[bool]]: """ - - (Optional) True/false. Set this to true if your + True/false. Set this to true if your vault authentication is not able to delete the data or if the endpoint does not support the `DELETE` method. Defaults to false. """ @@ -709,7 +709,7 @@ def disable_read(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter(name="ignoreAbsentFields") def ignore_absent_fields(self) -> pulumi.Output[Optional[bool]]: """ - - (Optional) True/false. If set to true, + True/false. If set to true, ignore any fields present when the endpoint is read but that were not in `data_json`. Also, if a field that was written is not returned when the endpoint is read, treat that field as being up to date. You should @@ -766,7 +766,7 @@ def write_data_json(self) -> pulumi.Output[str]: @pulumi.getter(name="writeFields") def write_fields(self) -> pulumi.Output[Optional[Sequence[str]]]: """ - - (Optional). A list of fields that should be returned + . A list of fields that should be returned in `write_data_json` and `write_data`. If omitted, data returned by the write operation is not available to the resource or included in state. This helps to avoid accidental storage of sensitive values in diff --git a/sdk/python/pulumi_vault/identity/group_member_group_ids.py b/sdk/python/pulumi_vault/identity/group_member_group_ids.py index 9e9f702db..61bf80765 100644 --- a/sdk/python/pulumi_vault/identity/group_member_group_ids.py +++ b/sdk/python/pulumi_vault/identity/group_member_group_ids.py @@ -26,7 +26,7 @@ def __init__(__self__, *, If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource. - If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed. :param pulumi.Input[Sequence[pulumi.Input[str]]] member_group_ids: List of member groups that belong to the group @@ -64,7 +64,7 @@ def exclusive(self) -> Optional[pulumi.Input[bool]]: If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource. - If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed. """ @@ -116,7 +116,7 @@ def __init__(__self__, *, If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource. - If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. @@ -144,7 +144,7 @@ def exclusive(self) -> Optional[pulumi.Input[bool]]: If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource. - If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed. """ @@ -258,7 +258,7 @@ def __init__(__self__, If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource. - If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. @@ -381,7 +381,7 @@ def get(resource_name: str, If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource. - If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. @@ -410,7 +410,7 @@ def exclusive(self) -> pulumi.Output[Optional[bool]]: If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource. - If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed. """ diff --git a/sdk/python/pulumi_vault/jwt/auth_backend.py b/sdk/python/pulumi_vault/jwt/auth_backend.py index 4a5f5f047..a736d32cf 100644 --- a/sdk/python/pulumi_vault/jwt/auth_backend.py +++ b/sdk/python/pulumi_vault/jwt/auth_backend.py @@ -55,6 +55,7 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: @@ -241,6 +242,7 @@ def namespace_in_state(self) -> Optional[pulumi.Input[bool]]: """ Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: @@ -413,6 +415,7 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: @@ -613,6 +616,7 @@ def namespace_in_state(self) -> Optional[pulumi.Input[bool]]: """ Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: @@ -856,6 +860,7 @@ def __init__(__self__, *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: @@ -1070,6 +1075,7 @@ def get(resource_name: str, *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: @@ -1209,6 +1215,7 @@ def namespace_in_state(self) -> pulumi.Output[Optional[bool]]: """ Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * tune - (Optional) Extra configuration block. Structure is documented below. The `tune` block is used to tune the auth backend: diff --git a/sdk/python/pulumi_vault/jwt/auth_backend_role.py b/sdk/python/pulumi_vault/jwt/auth_backend_role.py index bfc54644f..28d1894c0 100644 --- a/sdk/python/pulumi_vault/jwt/auth_backend_role.py +++ b/sdk/python/pulumi_vault/jwt/auth_backend_role.py @@ -116,7 +116,7 @@ def __init__(__self__, *, `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. :param pulumi.Input[bool] user_claim_json_pointer: Specifies if the `user_claim` value uses - [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. Requires Vault 1.11+. :param pulumi.Input[bool] verbose_oidc_logging: Log received OIDC tokens and claims when debug-level @@ -552,7 +552,7 @@ def token_type(self, value: Optional[pulumi.Input[str]]): def user_claim_json_pointer(self) -> Optional[pulumi.Input[bool]]: """ Specifies if the `user_claim` value uses - [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. Requires Vault 1.11+. """ @@ -682,7 +682,7 @@ def __init__(__self__, *, the user; this will be used as the name for the Identity entity alias created due to a successful login. :param pulumi.Input[bool] user_claim_json_pointer: Specifies if the `user_claim` value uses - [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. Requires Vault 1.11+. :param pulumi.Input[bool] verbose_oidc_logging: Log received OIDC tokens and claims when debug-level @@ -1120,7 +1120,7 @@ def user_claim(self, value: Optional[pulumi.Input[str]]): def user_claim_json_pointer(self) -> Optional[pulumi.Input[bool]]: """ Specifies if the `user_claim` value uses - [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. Requires Vault 1.11+. """ @@ -1313,7 +1313,7 @@ def __init__(__self__, the user; this will be used as the name for the Identity entity alias created due to a successful login. :param pulumi.Input[bool] user_claim_json_pointer: Specifies if the `user_claim` value uses - [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. Requires Vault 1.11+. :param pulumi.Input[bool] verbose_oidc_logging: Log received OIDC tokens and claims when debug-level @@ -1589,7 +1589,7 @@ def get(resource_name: str, the user; this will be used as the name for the Identity entity alias created due to a successful login. :param pulumi.Input[bool] user_claim_json_pointer: Specifies if the `user_claim` value uses - [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. Requires Vault 1.11+. :param pulumi.Input[bool] verbose_oidc_logging: Log received OIDC tokens and claims when debug-level @@ -1895,7 +1895,7 @@ def user_claim(self) -> pulumi.Output[str]: def user_claim_json_pointer(self) -> pulumi.Output[Optional[bool]]: """ Specifies if the `user_claim` value uses - [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) + [JSON pointer](https://www.vaultproject.io/docs/auth/jwt#claim-specifications-and-json-pointer) syntax for referencing claims. By default, the `user_claim` value will not use JSON pointer. Requires Vault 1.11+. """ diff --git a/sdk/python/pulumi_vault/kubernetes/secret_backend.py b/sdk/python/pulumi_vault/kubernetes/secret_backend.py index 73880a94e..6b2b9bbd8 100644 --- a/sdk/python/pulumi_vault/kubernetes/secret_backend.py +++ b/sdk/python/pulumi_vault/kubernetes/secret_backend.py @@ -42,11 +42,11 @@ def __init__(__self__, *, service account JWT when Vault is running in a Kubernetes pod. :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the - secrets engine to verify the Kubernetes API server certificate. Defaults to the local + secrets engine to verify the Kubernetes API server certificate. Defaults to the local pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where Vault is running. :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the - standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` are not set on the host that Vault is running on. :param pulumi.Input[bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds @@ -57,7 +57,7 @@ def __init__(__self__, *, :param pulumi.Input[Mapping[str, Any]] options: Specifies mount type specific options that are passed to the backend :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability :param pulumi.Input[str] service_account_jwt: The JSON web token of the service account used by the - secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault is running in Kubernetes. """ pulumi.set(__self__, "path", path) @@ -194,7 +194,7 @@ def external_entropy_access(self, value: Optional[pulumi.Input[bool]]): def kubernetes_ca_cert(self) -> Optional[pulumi.Input[str]]: """ A PEM-encoded CA certificate used by the - secrets engine to verify the Kubernetes API server certificate. Defaults to the local + secrets engine to verify the Kubernetes API server certificate. Defaults to the local pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where Vault is running. """ @@ -209,7 +209,7 @@ def kubernetes_ca_cert(self, value: Optional[pulumi.Input[str]]): def kubernetes_host(self) -> Optional[pulumi.Input[str]]: """ The Kubernetes API URL to connect to. Required if the - standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` are not set on the host that Vault is running on. """ return pulumi.get(self, "kubernetes_host") @@ -286,7 +286,7 @@ def seal_wrap(self, value: Optional[pulumi.Input[bool]]): def service_account_jwt(self) -> Optional[pulumi.Input[str]]: """ The JSON web token of the service account used by the - secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault is running in Kubernetes. """ return pulumi.get(self, "service_account_jwt") @@ -328,11 +328,11 @@ def __init__(__self__, *, service account JWT when Vault is running in a Kubernetes pod. :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the - secrets engine to verify the Kubernetes API server certificate. Defaults to the local + secrets engine to verify the Kubernetes API server certificate. Defaults to the local pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where Vault is running. :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the - standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` are not set on the host that Vault is running on. :param pulumi.Input[bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds @@ -344,7 +344,7 @@ def __init__(__self__, *, :param pulumi.Input[str] path: Where the secret backend will be mounted :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability :param pulumi.Input[str] service_account_jwt: The JSON web token of the service account used by the - secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault is running in Kubernetes. """ if accessor is not None: @@ -484,7 +484,7 @@ def external_entropy_access(self, value: Optional[pulumi.Input[bool]]): def kubernetes_ca_cert(self) -> Optional[pulumi.Input[str]]: """ A PEM-encoded CA certificate used by the - secrets engine to verify the Kubernetes API server certificate. Defaults to the local + secrets engine to verify the Kubernetes API server certificate. Defaults to the local pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where Vault is running. """ @@ -499,7 +499,7 @@ def kubernetes_ca_cert(self, value: Optional[pulumi.Input[str]]): def kubernetes_host(self) -> Optional[pulumi.Input[str]]: """ The Kubernetes API URL to connect to. Required if the - standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` are not set on the host that Vault is running on. """ return pulumi.get(self, "kubernetes_host") @@ -588,7 +588,7 @@ def seal_wrap(self, value: Optional[pulumi.Input[bool]]): def service_account_jwt(self) -> Optional[pulumi.Input[str]]: """ The JSON web token of the service account used by the - secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault is running in Kubernetes. """ return pulumi.get(self, "service_account_jwt") @@ -657,11 +657,11 @@ def __init__(__self__, service account JWT when Vault is running in a Kubernetes pod. :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the - secrets engine to verify the Kubernetes API server certificate. Defaults to the local + secrets engine to verify the Kubernetes API server certificate. Defaults to the local pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where Vault is running. :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the - standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` are not set on the host that Vault is running on. :param pulumi.Input[bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds @@ -673,7 +673,7 @@ def __init__(__self__, :param pulumi.Input[str] path: Where the secret backend will be mounted :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability :param pulumi.Input[str] service_account_jwt: The JSON web token of the service account used by the - secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault is running in Kubernetes. """ ... @@ -813,11 +813,11 @@ def get(resource_name: str, service account JWT when Vault is running in a Kubernetes pod. :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the - secrets engine to verify the Kubernetes API server certificate. Defaults to the local + secrets engine to verify the Kubernetes API server certificate. Defaults to the local pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where Vault is running. :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the - standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` are not set on the host that Vault is running on. :param pulumi.Input[bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds @@ -829,7 +829,7 @@ def get(resource_name: str, :param pulumi.Input[str] path: Where the secret backend will be mounted :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability :param pulumi.Input[str] service_account_jwt: The JSON web token of the service account used by the - secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault is running in Kubernetes. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -925,7 +925,7 @@ def external_entropy_access(self) -> pulumi.Output[Optional[bool]]: def kubernetes_ca_cert(self) -> pulumi.Output[Optional[str]]: """ A PEM-encoded CA certificate used by the - secrets engine to verify the Kubernetes API server certificate. Defaults to the local + secrets engine to verify the Kubernetes API server certificate. Defaults to the local pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where Vault is running. """ @@ -936,7 +936,7 @@ def kubernetes_ca_cert(self) -> pulumi.Output[Optional[str]]: def kubernetes_host(self) -> pulumi.Output[Optional[str]]: """ The Kubernetes API URL to connect to. Required if the - standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` + standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` are not set on the host that Vault is running on. """ return pulumi.get(self, "kubernetes_host") @@ -997,7 +997,7 @@ def seal_wrap(self) -> pulumi.Output[bool]: def service_account_jwt(self) -> pulumi.Output[Optional[str]]: """ The JSON web token of the service account used by the - secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault + secrets engine to manage Kubernetes credentials. Defaults to the local pod’s JWT if Vault is running in Kubernetes. """ return pulumi.get(self, "service_account_jwt") diff --git a/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py b/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py index f00ab11cb..6e5f87bbf 100644 --- a/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py +++ b/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py @@ -40,12 +40,12 @@ def __init__(__self__, *, This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating - a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated when credentials are requested. :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a - generated service account to. Mutually exclusive with `service_account_name` and - `generated_role_rules`. If set, Kubernetes token, service account, and role + generated service account to. Mutually exclusive with `service_account_name` and + `generated_role_rules`. If set, Kubernetes token, service account, and role binding objects will be created when credentials are requested. :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or ClusterRole. @@ -146,8 +146,8 @@ def extra_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[st def generated_role_rules(self) -> Optional[pulumi.Input[str]]: """ The Role or ClusterRole rules to use when generating - a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated when credentials are requested. """ return pulumi.get(self, "generated_role_rules") @@ -161,8 +161,8 @@ def generated_role_rules(self, value: Optional[pulumi.Input[str]]): def kubernetes_role_name(self) -> Optional[pulumi.Input[str]]: """ The pre-existing Role or ClusterRole to bind a - generated service account to. Mutually exclusive with `service_account_name` and - `generated_role_rules`. If set, Kubernetes token, service account, and role + generated service account to. Mutually exclusive with `service_account_name` and + `generated_role_rules`. If set, Kubernetes token, service account, and role binding objects will be created when credentials are requested. """ return pulumi.get(self, "kubernetes_role_name") @@ -292,12 +292,12 @@ def __init__(__self__, *, This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating - a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated when credentials are requested. :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a - generated service account to. Mutually exclusive with `service_account_name` and - `generated_role_rules`. If set, Kubernetes token, service account, and role + generated service account to. Mutually exclusive with `service_account_name` and + `generated_role_rules`. If set, Kubernetes token, service account, and role binding objects will be created when credentials are requested. :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or ClusterRole. @@ -400,8 +400,8 @@ def extra_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[st def generated_role_rules(self) -> Optional[pulumi.Input[str]]: """ The Role or ClusterRole rules to use when generating - a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated when credentials are requested. """ return pulumi.get(self, "generated_role_rules") @@ -415,8 +415,8 @@ def generated_role_rules(self, value: Optional[pulumi.Input[str]]): def kubernetes_role_name(self) -> Optional[pulumi.Input[str]]: """ The pre-existing Role or ClusterRole to bind a - generated service account to. Mutually exclusive with `service_account_name` and - `generated_role_rules`. If set, Kubernetes token, service account, and role + generated service account to. Mutually exclusive with `service_account_name` and + `generated_role_rules`. If set, Kubernetes token, service account, and role binding objects will be created when credentials are requested. """ return pulumi.get(self, "kubernetes_role_name") @@ -652,12 +652,12 @@ def __init__(__self__, This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating - a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated when credentials are requested. :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a - generated service account to. Mutually exclusive with `service_account_name` and - `generated_role_rules`. If set, Kubernetes token, service account, and role + generated service account to. Mutually exclusive with `service_account_name` and + `generated_role_rules`. If set, Kubernetes token, service account, and role binding objects will be created when credentials are requested. :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or ClusterRole. @@ -878,12 +878,12 @@ def get(resource_name: str, This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating - a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated when credentials are requested. :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a - generated service account to. Mutually exclusive with `service_account_name` and - `generated_role_rules`. If set, Kubernetes token, service account, and role + generated service account to. Mutually exclusive with `service_account_name` and + `generated_role_rules`. If set, Kubernetes token, service account, and role binding objects will be created when credentials are requested. :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or ClusterRole. @@ -962,8 +962,8 @@ def extra_labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: def generated_role_rules(self) -> pulumi.Output[Optional[str]]: """ The Role or ClusterRole rules to use when generating - a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` - and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated + a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` + and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated when credentials are requested. """ return pulumi.get(self, "generated_role_rules") @@ -973,8 +973,8 @@ def generated_role_rules(self) -> pulumi.Output[Optional[str]]: def kubernetes_role_name(self) -> pulumi.Output[Optional[str]]: """ The pre-existing Role or ClusterRole to bind a - generated service account to. Mutually exclusive with `service_account_name` and - `generated_role_rules`. If set, Kubernetes token, service account, and role + generated service account to. Mutually exclusive with `service_account_name` and + `generated_role_rules`. If set, Kubernetes token, service account, and role binding objects will be created when credentials are requested. """ return pulumi.get(self, "kubernetes_role_name") diff --git a/sdk/python/pulumi_vault/mfa_okta.py b/sdk/python/pulumi_vault/mfa_okta.py index 1de9b4067..5c3a48967 100644 --- a/sdk/python/pulumi_vault/mfa_okta.py +++ b/sdk/python/pulumi_vault/mfa_okta.py @@ -38,7 +38,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the primary email for the account. :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -154,7 +154,7 @@ def primary_email(self, value: Optional[pulumi.Input[bool]]): def username_format(self) -> Optional[pulumi.Input[str]]: """ `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -195,7 +195,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the primary email for the account. :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -314,7 +314,7 @@ def primary_email(self, value: Optional[pulumi.Input[bool]]): def username_format(self) -> Optional[pulumi.Input[str]]: """ `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -387,7 +387,7 @@ def __init__(__self__, :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the primary email for the account. :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -516,7 +516,7 @@ def get(resource_name: str, :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the primary email for the account. :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -604,7 +604,7 @@ def primary_email(self) -> pulumi.Output[Optional[bool]]: def username_format(self) -> pulumi.Output[Optional[str]]: """ `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity diff --git a/sdk/python/pulumi_vault/mfa_pingid.py b/sdk/python/pulumi_vault/mfa_pingid.py index db300028d..c4a5e8e01 100644 --- a/sdk/python/pulumi_vault/mfa_pingid.py +++ b/sdk/python/pulumi_vault/mfa_pingid.py @@ -31,7 +31,7 @@ def __init__(__self__, *, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -105,7 +105,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): def username_format(self) -> Optional[pulumi.Input[str]]: """ `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -153,7 +153,7 @@ def __init__(__self__, *, :param pulumi.Input[str] type: `(string)` – Type of configuration computed by Vault :param pulumi.Input[bool] use_signature: `(string)` – If set to true, enables use of PingID signature. Computed by Vault :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -327,7 +327,7 @@ def use_signature(self, value: Optional[pulumi.Input[bool]]): def username_format(self) -> Optional[pulumi.Input[str]]: """ `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -394,7 +394,7 @@ def __init__(__self__, :param pulumi.Input[str] settings_file_base64: `(string: )` - A base64-encoded third-party settings file retrieved from PingID's configuration page. :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -528,7 +528,7 @@ def get(resource_name: str, :param pulumi.Input[str] type: `(string)` – Type of configuration computed by Vault :param pulumi.Input[bool] use_signature: `(string)` – If set to true, enables use of PingID signature. Computed by Vault :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity @@ -651,7 +651,7 @@ def use_signature(self) -> pulumi.Output[bool]: def username_format(self) -> pulumi.Output[Optional[str]]: """ `(string)` - A format string for mapping Identity names to MFA method names. - Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. + Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: - alias.name: The name returned by the mount configured via the `mount_accessor` parameter - entity.name: The name configured for the Entity diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py index a75a4761b..c396f664d 100644 --- a/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py +++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py @@ -28,7 +28,7 @@ def __init__(__self__, *, :param pulumi.Input[str] type: Specifies the type of the key to create. Can be `exported`,`internal` or `kms`. :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`. :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name. @@ -85,7 +85,7 @@ def key_bits(self) -> Optional[pulumi.Input[int]]: """ Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`. """ return pulumi.get(self, "key_bits") @@ -176,7 +176,7 @@ def __init__(__self__, *, :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s. :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`. :param pulumi.Input[str] key_id: ID of the generated key. :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. @@ -227,7 +227,7 @@ def key_bits(self) -> Optional[pulumi.Input[int]]: """ Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`. """ return pulumi.get(self, "key_bits") @@ -355,7 +355,7 @@ def __init__(__self__, :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s. :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`. :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name. @@ -459,7 +459,7 @@ def get(resource_name: str, :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s. :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`. :param pulumi.Input[str] key_id: ID of the generated key. :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. @@ -502,7 +502,7 @@ def key_bits(self) -> pulumi.Output[int]: """ Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: - 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), + 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`. """ return pulumi.get(self, "key_bits") diff --git a/sdk/python/pulumi_vault/saml/auth_backend.py b/sdk/python/pulumi_vault/saml/auth_backend.py index 6cb7ce107..8eab582f5 100644 --- a/sdk/python/pulumi_vault/saml/auth_backend.py +++ b/sdk/python/pulumi_vault/saml/auth_backend.py @@ -47,7 +47,7 @@ def __init__(__self__, *, :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` if not specified. :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive - information during the SAML exchange according to the current logging level. Not + information during the SAML exchange according to the current logging level. Not recommended for production. """ pulumi.set(__self__, "acs_urls", acs_urls) @@ -205,7 +205,7 @@ def path(self, value: Optional[pulumi.Input[str]]): def verbose_logging(self) -> Optional[pulumi.Input[bool]]: """ If set to `true`, logs additional, potentially sensitive - information during the SAML exchange according to the current logging level. Not + information during the SAML exchange according to the current logging level. Not recommended for production. """ return pulumi.get(self, "verbose_logging") @@ -251,7 +251,7 @@ def __init__(__self__, *, :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` if not specified. :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive - information during the SAML exchange according to the current logging level. Not + information during the SAML exchange according to the current logging level. Not recommended for production. """ if acs_urls is not None: @@ -411,7 +411,7 @@ def path(self, value: Optional[pulumi.Input[str]]): def verbose_logging(self) -> Optional[pulumi.Input[bool]]: """ If set to `true`, logs additional, potentially sensitive - information during the SAML exchange according to the current logging level. Not + information during the SAML exchange according to the current logging level. Not recommended for production. """ return pulumi.get(self, "verbose_logging") @@ -487,7 +487,7 @@ def __init__(__self__, :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` if not specified. :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive - information during the SAML exchange according to the current logging level. Not + information during the SAML exchange according to the current logging level. Not recommended for production. """ ... @@ -621,7 +621,7 @@ def get(resource_name: str, :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` if not specified. :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive - information during the SAML exchange according to the current logging level. Not + information during the SAML exchange according to the current logging level. Not recommended for production. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -735,7 +735,7 @@ def path(self) -> pulumi.Output[Optional[str]]: def verbose_logging(self) -> pulumi.Output[bool]: """ If set to `true`, logs additional, potentially sensitive - information during the SAML exchange according to the current logging level. Not + information during the SAML exchange according to the current logging level. Not recommended for production. """ return pulumi.get(self, "verbose_logging") diff --git a/sdk/python/pulumi_vault/ssh/_inputs.py b/sdk/python/pulumi_vault/ssh/_inputs.py index 7cfea7c23..b9296619c 100644 --- a/sdk/python/pulumi_vault/ssh/_inputs.py +++ b/sdk/python/pulumi_vault/ssh/_inputs.py @@ -30,7 +30,7 @@ def __init__(__self__, *, import pulumi ``` :param pulumi.Input[str] type: The SSH public key type. - *Supported key types are:* + *Supported key types are:* `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` """ @@ -63,7 +63,7 @@ def lengths(self, value: pulumi.Input[Sequence[pulumi.Input[int]]]): def type(self) -> pulumi.Input[str]: """ The SSH public key type. - *Supported key types are:* + *Supported key types are:* `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` """ diff --git a/sdk/python/pulumi_vault/ssh/outputs.py b/sdk/python/pulumi_vault/ssh/outputs.py index 1d6bacbf7..8ae68a5bb 100644 --- a/sdk/python/pulumi_vault/ssh/outputs.py +++ b/sdk/python/pulumi_vault/ssh/outputs.py @@ -30,7 +30,7 @@ def __init__(__self__, *, import pulumi ``` :param str type: The SSH public key type. - *Supported key types are:* + *Supported key types are:* `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` """ @@ -59,7 +59,7 @@ def lengths(self) -> Sequence[int]: def type(self) -> str: """ The SSH public key type. - *Supported key types are:* + *Supported key types are:* `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521` """ diff --git a/sdk/python/pulumi_vault/ssh/secret_backend_role.py b/sdk/python/pulumi_vault/ssh/secret_backend_role.py index 6a260ba2d..a75bbf9b8 100644 --- a/sdk/python/pulumi_vault/ssh/secret_backend_role.py +++ b/sdk/python/pulumi_vault/ssh/secret_backend_role.py @@ -59,10 +59,10 @@ def __init__(__self__, *, identity template policies. Non-templated domains are also permitted. :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed. :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define allowed - user key configuration, like key type and their lengths. Can be specified multiple times. + user key configuration, like key type and their lengths. Can be specified multiple times. *See Configuration-Options for more info* :param pulumi.Input[Mapping[str, pulumi.Input[int]]] allowed_user_key_lengths: Specifies a map of ssh key types and their expected sizes which - are allowed to be signed by the CA type. + are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted. @@ -288,7 +288,7 @@ def allowed_extensions(self, value: Optional[pulumi.Input[str]]): def allowed_user_key_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]]]: """ Set of configuration blocks to define allowed - user key configuration, like key type and their lengths. Can be specified multiple times. + user key configuration, like key type and their lengths. Can be specified multiple times. *See Configuration-Options for more info* """ return pulumi.get(self, "allowed_user_key_configs") @@ -302,7 +302,7 @@ def allowed_user_key_configs(self, value: Optional[pulumi.Input[Sequence[pulumi. def allowed_user_key_lengths(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[int]]]]: """ Specifies a map of ssh key types and their expected sizes which - are allowed to be signed by the CA type. + are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* """ warnings.warn("""Set in allowed_user_key_config""", DeprecationWarning) @@ -519,10 +519,10 @@ def __init__(__self__, *, identity template policies. Non-templated domains are also permitted. :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed. :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define allowed - user key configuration, like key type and their lengths. Can be specified multiple times. + user key configuration, like key type and their lengths. Can be specified multiple times. *See Configuration-Options for more info* :param pulumi.Input[Mapping[str, pulumi.Input[int]]] allowed_user_key_lengths: Specifies a map of ssh key types and their expected sizes which - are allowed to be signed by the CA type. + are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted. @@ -728,7 +728,7 @@ def allowed_extensions(self, value: Optional[pulumi.Input[str]]): def allowed_user_key_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]]]: """ Set of configuration blocks to define allowed - user key configuration, like key type and their lengths. Can be specified multiple times. + user key configuration, like key type and their lengths. Can be specified multiple times. *See Configuration-Options for more info* """ return pulumi.get(self, "allowed_user_key_configs") @@ -742,7 +742,7 @@ def allowed_user_key_configs(self, value: Optional[pulumi.Input[Sequence[pulumi. def allowed_user_key_lengths(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[int]]]]: """ Specifies a map of ssh key types and their expected sizes which - are allowed to be signed by the CA type. + are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* """ warnings.warn("""Set in allowed_user_key_config""", DeprecationWarning) @@ -1017,10 +1017,10 @@ def __init__(__self__, identity template policies. Non-templated domains are also permitted. :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretBackendRoleAllowedUserKeyConfigArgs']]]] allowed_user_key_configs: Set of configuration blocks to define allowed - user key configuration, like key type and their lengths. Can be specified multiple times. + user key configuration, like key type and their lengths. Can be specified multiple times. *See Configuration-Options for more info* :param pulumi.Input[Mapping[str, pulumi.Input[int]]] allowed_user_key_lengths: Specifies a map of ssh key types and their expected sizes which - are allowed to be signed by the CA type. + are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted. @@ -1217,10 +1217,10 @@ def get(resource_name: str, identity template policies. Non-templated domains are also permitted. :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretBackendRoleAllowedUserKeyConfigArgs']]]] allowed_user_key_configs: Set of configuration blocks to define allowed - user key configuration, like key type and their lengths. Can be specified multiple times. + user key configuration, like key type and their lengths. Can be specified multiple times. *See Configuration-Options for more info* :param pulumi.Input[Mapping[str, pulumi.Input[int]]] allowed_user_key_lengths: Specifies a map of ssh key types and their expected sizes which - are allowed to be signed by the CA type. + are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted. @@ -1361,7 +1361,7 @@ def allowed_extensions(self) -> pulumi.Output[Optional[str]]: def allowed_user_key_configs(self) -> pulumi.Output[Optional[Sequence['outputs.SecretBackendRoleAllowedUserKeyConfig']]]: """ Set of configuration blocks to define allowed - user key configuration, like key type and their lengths. Can be specified multiple times. + user key configuration, like key type and their lengths. Can be specified multiple times. *See Configuration-Options for more info* """ return pulumi.get(self, "allowed_user_key_configs") @@ -1371,7 +1371,7 @@ def allowed_user_key_configs(self) -> pulumi.Output[Optional[Sequence['outputs.S def allowed_user_key_lengths(self) -> pulumi.Output[Optional[Mapping[str, int]]]: """ Specifies a map of ssh key types and their expected sizes which - are allowed to be signed by the CA type. + are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* """ warnings.warn("""Set in allowed_user_key_config""", DeprecationWarning)