diff --git a/examples/go.mod b/examples/go.mod index 1a865d106..a50dde3b0 100644 --- a/examples/go.mod +++ b/examples/go.mod @@ -2,7 +2,7 @@ module github.com/pulumi/pulumi-vault/examples/v6 go 1.21 -require github.com/pulumi/pulumi/pkg/v3 v3.129.0 +require github.com/pulumi/pulumi/pkg/v3 v3.130.0 require ( cloud.google.com/go v0.112.1 // indirect @@ -123,7 +123,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.9.1 // indirect - github.com/pulumi/pulumi/sdk/v3 v3.129.0 // indirect + github.com/pulumi/pulumi/sdk/v3 v3.130.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect diff --git a/examples/go.sum b/examples/go.sum index d9d59af93..1fc06cde5 100644 --- a/examples/go.sum +++ b/examples/go.sum @@ -342,10 +342,10 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.9.1 h1:HH5eEv8sgyxSpY5a8yePyqFXzA8cvBvapfH8457+mIs= github.com/pulumi/esc v0.9.1/go.mod h1:oEJ6bOsjYlQUpjf70GiX+CXn3VBmpwFDxUTlmtUN84c= -github.com/pulumi/pulumi/pkg/v3 v3.129.0 h1:n4Jd4ctlvw3eqyHglb/yJKDtRqjOvdkCBfG5T+orU30= -github.com/pulumi/pulumi/pkg/v3 v3.129.0/go.mod h1:W3c7JgO064kUH5IfyQMCgmsAr5iwr3PO6KEeIQiO0dY= -github.com/pulumi/pulumi/sdk/v3 v3.129.0 h1:uZpTTwWTx7Mk8UT9FgatzxzArim47vZ6hzNCKvgvX6A= -github.com/pulumi/pulumi/sdk/v3 v3.129.0/go.mod h1:p1U24en3zt51agx+WlNboSOV8eLlPWYAkxMzVEXKbnY= +github.com/pulumi/pulumi/pkg/v3 v3.130.0 h1:lS51XeCnhg72LXkMiw2FP1cGP+Y85wYD3quWhCPD5+M= +github.com/pulumi/pulumi/pkg/v3 v3.130.0/go.mod h1:jhZ1Ug5Rl1qivexgEWvmwSWYIT/jRnKSFhLwwv6PrZ0= +github.com/pulumi/pulumi/sdk/v3 v3.130.0 h1:gGJNd+akPqhZ+vrsZmAjSNJn6kGJkitjjkwrmIQMmn8= +github.com/pulumi/pulumi/sdk/v3 v3.130.0/go.mod h1:p1U24en3zt51agx+WlNboSOV8eLlPWYAkxMzVEXKbnY= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/provider/cmd/pulumi-resource-vault/schema.json b/provider/cmd/pulumi-resource-vault/schema.json index 807c32bd7..5977100fe 100644 --- a/provider/cmd/pulumi-resource-vault/schema.json +++ b/provider/cmd/pulumi-resource-vault/schema.json @@ -3247,7 +3247,7 @@ }, "tokenType": { "type": "string", - "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n\n\nFor more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).\n" + "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n\nFor more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).\n" } }, "type": "object" @@ -6536,7 +6536,7 @@ }, "identityTokenAudience": { "type": "string", - "description": "The audience claim value. Mutually exclusive with `access_key`. \nRequires Vault 1.17+. *Available only for Vault Enterprise*\n" + "description": "The audience claim value. Mutually exclusive with `access_key`.\nRequires Vault 1.17+. *Available only for Vault Enterprise*\n" }, "identityTokenTtl": { "type": "integer", @@ -6544,7 +6544,7 @@ }, "maxRetries": { "type": "integer", - "description": "Number of max retries the client should use for recoverable errors. \nThe default `-1` falls back to the AWS SDK's default behavior.\n" + "description": "Number of max retries the client should use for recoverable errors.\nThe default `-1` falls back to the AWS SDK's default behavior.\n" }, "namespace": { "type": "string", @@ -6565,11 +6565,11 @@ }, "stsRegion": { "type": "string", - "description": "Override the default region when making STS API \ncalls. The `sts_endpoint` argument must be set when using `sts_region`.\n" + "description": "Override the default region when making STS API\ncalls. The `sts_endpoint` argument must be set when using `sts_region`.\n" }, "useStsRegionFromClient": { "type": "boolean", - "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" + "description": "Available in Vault v1.15+. If set,\noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" } }, "required": [ @@ -6601,7 +6601,7 @@ }, "identityTokenAudience": { "type": "string", - "description": "The audience claim value. Mutually exclusive with `access_key`. \nRequires Vault 1.17+. *Available only for Vault Enterprise*\n" + "description": "The audience claim value. Mutually exclusive with `access_key`.\nRequires Vault 1.17+. *Available only for Vault Enterprise*\n" }, "identityTokenTtl": { "type": "integer", @@ -6609,7 +6609,7 @@ }, "maxRetries": { "type": "integer", - "description": "Number of max retries the client should use for recoverable errors. \nThe default `-1` falls back to the AWS SDK's default behavior.\n" + "description": "Number of max retries the client should use for recoverable errors.\nThe default `-1` falls back to the AWS SDK's default behavior.\n" }, "namespace": { "type": "string", @@ -6631,11 +6631,11 @@ }, "stsRegion": { "type": "string", - "description": "Override the default region when making STS API \ncalls. The `sts_endpoint` argument must be set when using `sts_region`.\n" + "description": "Override the default region when making STS API\ncalls. The `sts_endpoint` argument must be set when using `sts_region`.\n" }, "useStsRegionFromClient": { "type": "boolean", - "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" + "description": "Available in Vault v1.15+. If set,\noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" } }, "stateInputs": { @@ -6665,7 +6665,7 @@ }, "identityTokenAudience": { "type": "string", - "description": "The audience claim value. Mutually exclusive with `access_key`. \nRequires Vault 1.17+. *Available only for Vault Enterprise*\n" + "description": "The audience claim value. Mutually exclusive with `access_key`.\nRequires Vault 1.17+. *Available only for Vault Enterprise*\n" }, "identityTokenTtl": { "type": "integer", @@ -6673,7 +6673,7 @@ }, "maxRetries": { "type": "integer", - "description": "Number of max retries the client should use for recoverable errors. \nThe default `-1` falls back to the AWS SDK's default behavior.\n" + "description": "Number of max retries the client should use for recoverable errors.\nThe default `-1` falls back to the AWS SDK's default behavior.\n" }, "namespace": { "type": "string", @@ -6695,11 +6695,11 @@ }, "stsRegion": { "type": "string", - "description": "Override the default region when making STS API \ncalls. The `sts_endpoint` argument must be set when using `sts_region`.\n" + "description": "Override the default region when making STS API\ncalls. The `sts_endpoint` argument must be set when using `sts_region`.\n" }, "useStsRegionFromClient": { "type": "boolean", - "description": "Available in Vault v1.15+. If set, \noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" + "description": "Available in Vault v1.15+. If set,\noverrides both `sts_endpoint` and `sts_region` to instead use the region\nspecified in the client request headers for IAM-based authentication.\nThis can be useful when you have client requests coming from different\nregions and want flexibility in which regional STS API is used.\n" } }, "type": "object" @@ -7604,7 +7604,7 @@ } }, "vault:aws/authBackendRoleTag:AuthBackendRoleTag": { - "description": "Reads role tag information from an AWS auth backend in Vault. \n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n path: '%s'\n type: aws\n role:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: '%s'\n authType: ec2\n boundAccountId: '123456789012'\n policies:\n - dev\n - prod\n - qa\n - test\n roleTag: VaultRoleTag\n test:\n type: vault:aws:AuthBackendRoleTag\n properties:\n backend: ${aws.path}\n role: ${role.role}\n policies:\n - prod\n - dev\n - test\n maxTtl: 1h\n instanceId: i-1234567\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Reads role tag information from an AWS auth backend in Vault.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n path: '%s'\n type: aws\n role:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: '%s'\n authType: ec2\n boundAccountId: '123456789012'\n policies:\n - dev\n - prod\n - qa\n - test\n roleTag: VaultRoleTag\n test:\n type: vault:aws:AuthBackendRoleTag\n properties:\n backend: ${aws.path}\n role: ${role.role}\n policies:\n - prod\n - dev\n - test\n maxTtl: 1h\n instanceId: i-1234567\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "allowInstanceMigration": { "type": "boolean", @@ -8156,7 +8156,7 @@ }, "externalId": { "type": "string", - "description": "External ID to set for assume role creds. \nValid only when `credential_type` is set to `assumed_role`.\n" + "description": "External ID to set for assume role creds.\nValid only when `credential_type` is set to `assumed_role`.\n" }, "iamGroups": { "type": "array", @@ -8186,7 +8186,7 @@ }, "permissionsBoundaryArn": { "type": "string", - "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" + "description": "The ARN of the AWS Permissions\nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" }, "policyArns": { "type": "array", @@ -8215,7 +8215,7 @@ }, "userPath": { "type": "string", - "description": "The path for the user name. Valid only when \n`credential_type` is `iam_user`. Default is `/`.\n" + "description": "The path for the user name. Valid only when\n`credential_type` is `iam_user`. Default is `/`.\n" } }, "required": [ @@ -8241,7 +8241,7 @@ }, "externalId": { "type": "string", - "description": "External ID to set for assume role creds. \nValid only when `credential_type` is set to `assumed_role`.\n" + "description": "External ID to set for assume role creds.\nValid only when `credential_type` is set to `assumed_role`.\n" }, "iamGroups": { "type": "array", @@ -8273,7 +8273,7 @@ }, "permissionsBoundaryArn": { "type": "string", - "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" + "description": "The ARN of the AWS Permissions\nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" }, "policyArns": { "type": "array", @@ -8303,7 +8303,7 @@ }, "userPath": { "type": "string", - "description": "The path for the user name. Valid only when \n`credential_type` is `iam_user`. Default is `/`.\n" + "description": "The path for the user name. Valid only when\n`credential_type` is `iam_user`. Default is `/`.\n" } }, "requiredInputs": [ @@ -8328,7 +8328,7 @@ }, "externalId": { "type": "string", - "description": "External ID to set for assume role creds. \nValid only when `credential_type` is set to `assumed_role`.\n" + "description": "External ID to set for assume role creds.\nValid only when `credential_type` is set to `assumed_role`.\n" }, "iamGroups": { "type": "array", @@ -8360,7 +8360,7 @@ }, "permissionsBoundaryArn": { "type": "string", - "description": "The ARN of the AWS Permissions \nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" + "description": "The ARN of the AWS Permissions\nBoundary to attach to IAM users created in the role. Valid only when\n`credential_type` is `iam_user`. If not specified, then no permissions boundary\npolicy will be attached.\n" }, "policyArns": { "type": "array", @@ -8390,7 +8390,7 @@ }, "userPath": { "type": "string", - "description": "The path for the user name. Valid only when \n`credential_type` is `iam_user`. Default is `/`.\n" + "description": "The path for the user name. Valid only when\n`credential_type` is `iam_user`. Default is `/`.\n" } }, "type": "object" @@ -8941,7 +8941,7 @@ } }, "vault:azure/backend:Backend": { - "description": "## Example Usage\n\n### *Vault-1.9 And Above*\n\nYou can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration:\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n clientId: \"11111111-2222-3333-4444-333333333333\",\n identityTokenAudience: \"\u003cTOKEN_AUDIENCE\u003e\",\n identityTokenTtl: \"\u003cTOKEN_TTL\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n identity_token_audience=\"\u003cTOKEN_AUDIENCE\u003e\",\n identity_token_ttl=\"\u003cTOKEN_TTL\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n IdentityTokenAudience = \"\u003cTOKEN_AUDIENCE\u003e\",\n IdentityTokenTtl = \"\u003cTOKEN_TTL\u003e\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tIdentityTokenAudience: pulumi.String(\"\u003cTOKEN_AUDIENCE\u003e\"),\n\t\t\tIdentityTokenTtl: pulumi.Int(\"\u003cTOKEN_TTL\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder()\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .identityTokenAudience(\"\u003cTOKEN_AUDIENCE\u003e\")\n .identityTokenTtl(\"\u003cTOKEN_TTL\u003e\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n clientId: 11111111-2222-3333-4444-333333333333\n identityTokenAudience: \u003cTOKEN_AUDIENCE\u003e\n identityTokenTtl: \u003cTOKEN_TTL\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n useMicrosoftGraphApi: true,\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n use_microsoft_graph_api=True,\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n UseMicrosoftGraphApi = true,\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(true),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder()\n .useMicrosoftGraphApi(true)\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n useMicrosoftGraphApi: true\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: '12345678901234567890'\n environment: AzurePublicCloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### *Vault-1.8 And Below*\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n useMicrosoftGraphApi: false,\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n use_microsoft_graph_api=False,\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n UseMicrosoftGraphApi = false,\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(false),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder()\n .useMicrosoftGraphApi(false)\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n useMicrosoftGraphApi: false\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: '12345678901234567890'\n environment: AzurePublicCloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "## Example Usage\n\n### vault-1.9 and above\n\nYou can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration:\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n clientId: \"11111111-2222-3333-4444-333333333333\",\n identityTokenAudience: \"\u003cTOKEN_AUDIENCE\u003e\",\n identityTokenTtl: \"\u003cTOKEN_TTL\u003e\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n identity_token_audience=\"\u003cTOKEN_AUDIENCE\u003e\",\n identity_token_ttl=\"\u003cTOKEN_TTL\u003e\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n IdentityTokenAudience = \"\u003cTOKEN_AUDIENCE\u003e\",\n IdentityTokenTtl = \"\u003cTOKEN_TTL\u003e\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tIdentityTokenAudience: pulumi.String(\"\u003cTOKEN_AUDIENCE\u003e\"),\n\t\t\tIdentityTokenTtl: pulumi.Int(\"\u003cTOKEN_TTL\u003e\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder()\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .identityTokenAudience(\"\u003cTOKEN_AUDIENCE\u003e\")\n .identityTokenTtl(\"\u003cTOKEN_TTL\u003e\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n clientId: 11111111-2222-3333-4444-333333333333\n identityTokenAudience: \u003cTOKEN_AUDIENCE\u003e\n identityTokenTtl: \u003cTOKEN_TTL\u003e\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n useMicrosoftGraphApi: true,\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n use_microsoft_graph_api=True,\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n UseMicrosoftGraphApi = true,\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(true),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder()\n .useMicrosoftGraphApi(true)\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n useMicrosoftGraphApi: true\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: '12345678901234567890'\n environment: AzurePublicCloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### vault-1.8 and below\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n useMicrosoftGraphApi: false,\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n use_microsoft_graph_api=False,\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n UseMicrosoftGraphApi = false,\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(false),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder()\n .useMicrosoftGraphApi(false)\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n useMicrosoftGraphApi: false\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: '12345678901234567890'\n environment: AzurePublicCloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "clientId": { "type": "string", @@ -9477,7 +9477,7 @@ } }, "vault:consul/secretBackend:SecretBackend": { - "description": "## Example Usage\n\n### Creating a standard backend resource:\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n path: \"consul\",\n description: \"Manages the Consul backend\",\n address: \"127.0.0.1:8500\",\n token: \"4240861b-ce3d-8530-115a-521ff070dd29\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n path=\"consul\",\n description=\"Manages the Consul backend\",\n address=\"127.0.0.1:8500\",\n token=\"4240861b-ce3d-8530-115a-521ff070dd29\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Path = \"consul\",\n Description = \"Manages the Consul backend\",\n Address = \"127.0.0.1:8500\",\n Token = \"4240861b-ce3d-8530-115a-521ff070dd29\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tDescription: pulumi.String(\"Manages the Consul backend\"),\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tToken: pulumi.String(\"4240861b-ce3d-8530-115a-521ff070dd29\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder()\n .path(\"consul\")\n .description(\"Manages the Consul backend\")\n .address(\"127.0.0.1:8500\")\n .token(\"4240861b-ce3d-8530-115a-521ff070dd29\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n path: consul\n description: Manages the Consul backend\n address: 127.0.0.1:8500\n token: 4240861b-ce3d-8530-115a-521ff070dd29\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Creating a backend resource to bootstrap a new Consul instance:\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n path: \"consul\",\n description: \"Bootstrap the Consul backend\",\n address: \"127.0.0.1:8500\",\n bootstrap: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n path=\"consul\",\n description=\"Bootstrap the Consul backend\",\n address=\"127.0.0.1:8500\",\n bootstrap=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Path = \"consul\",\n Description = \"Bootstrap the Consul backend\",\n Address = \"127.0.0.1:8500\",\n Bootstrap = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tDescription: pulumi.String(\"Bootstrap the Consul backend\"),\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tBootstrap: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder()\n .path(\"consul\")\n .description(\"Bootstrap the Consul backend\")\n .address(\"127.0.0.1:8500\")\n .bootstrap(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n path: consul\n description: Bootstrap the Consul backend\n address: 127.0.0.1:8500\n bootstrap: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nConsul secret backends can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:consul/secretBackend:SecretBackend example consul\n```\n", + "description": "## Example Usage\n\n#### Creating a standard backend resource:\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n path: \"consul\",\n description: \"Manages the Consul backend\",\n address: \"127.0.0.1:8500\",\n token: \"4240861b-ce3d-8530-115a-521ff070dd29\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n path=\"consul\",\n description=\"Manages the Consul backend\",\n address=\"127.0.0.1:8500\",\n token=\"4240861b-ce3d-8530-115a-521ff070dd29\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Path = \"consul\",\n Description = \"Manages the Consul backend\",\n Address = \"127.0.0.1:8500\",\n Token = \"4240861b-ce3d-8530-115a-521ff070dd29\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tDescription: pulumi.String(\"Manages the Consul backend\"),\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tToken: pulumi.String(\"4240861b-ce3d-8530-115a-521ff070dd29\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder()\n .path(\"consul\")\n .description(\"Manages the Consul backend\")\n .address(\"127.0.0.1:8500\")\n .token(\"4240861b-ce3d-8530-115a-521ff070dd29\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n path: consul\n description: Manages the Consul backend\n address: 127.0.0.1:8500\n token: 4240861b-ce3d-8530-115a-521ff070dd29\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n#### Creating a backend resource to bootstrap a new Consul instance:\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n path: \"consul\",\n description: \"Bootstrap the Consul backend\",\n address: \"127.0.0.1:8500\",\n bootstrap: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n path=\"consul\",\n description=\"Bootstrap the Consul backend\",\n address=\"127.0.0.1:8500\",\n bootstrap=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Path = \"consul\",\n Description = \"Bootstrap the Consul backend\",\n Address = \"127.0.0.1:8500\",\n Bootstrap = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tDescription: pulumi.String(\"Bootstrap the Consul backend\"),\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tBootstrap: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder()\n .path(\"consul\")\n .description(\"Bootstrap the Consul backend\")\n .address(\"127.0.0.1:8500\")\n .bootstrap(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n path: consul\n description: Bootstrap the Consul backend\n address: 127.0.0.1:8500\n bootstrap: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nConsul secret backends can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:consul/secretBackend:SecretBackend example consul\n```\n", "properties": { "address": { "type": "string", @@ -10678,14 +10678,14 @@ "items": { "$ref": "#/types/vault:database/SecretsMountCassandra:SecretsMountCassandra" }, - "description": "A nested block containing configuration options for Cassandra connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*\n" }, "couchbases": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountCouchbase:SecretsMountCouchbase" }, - "description": "A nested block containing configuration options for Couchbase connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*\n" }, "defaultLeaseTtlSeconds": { "type": "integer", @@ -10707,7 +10707,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountElasticsearch:SecretsMountElasticsearch" }, - "description": "A nested block containing configuration options for Elasticsearch connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*\n" }, "engineCount": { "type": "integer", @@ -10722,7 +10722,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountHana:SecretsMountHana" }, - "description": "A nested block containing configuration options for SAP HanaDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*\n" }, "identityTokenKey": { "type": "string", @@ -10733,7 +10733,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountInfluxdb:SecretsMountInfluxdb" }, - "description": "A nested block containing configuration options for InfluxDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*\n" }, "listingVisibility": { "type": "string", @@ -10752,49 +10752,49 @@ "items": { "$ref": "#/types/vault:database/SecretsMountMongodbatla:SecretsMountMongodbatla" }, - "description": "A nested block containing configuration options for MongoDB Atlas connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*\n" }, "mongodbs": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMongodb:SecretsMountMongodb" }, - "description": "A nested block containing configuration options for MongoDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*\n" }, "mssqls": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMssql:SecretsMountMssql" }, - "description": "A nested block containing configuration options for MSSQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*\n" }, "mysqlAuroras": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlAurora:SecretsMountMysqlAurora" }, - "description": "A nested block containing configuration options for Aurora MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*\n" }, "mysqlLegacies": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlLegacy:SecretsMountMysqlLegacy" }, - "description": "A nested block containing configuration options for legacy MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*\n" }, "mysqlRds": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlRd:SecretsMountMysqlRd" }, - "description": "A nested block containing configuration options for RDS MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*\n" }, "mysqls": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysql:SecretsMountMysql" }, - "description": "A nested block containing configuration options for MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*\n" }, "namespace": { "type": "string", @@ -10812,7 +10812,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountOracle:SecretsMountOracle" }, - "description": "A nested block containing configuration options for Oracle connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*\n" }, "passthroughRequestHeaders": { "type": "array", @@ -10834,28 +10834,28 @@ "items": { "$ref": "#/types/vault:database/SecretsMountPostgresql:SecretsMountPostgresql" }, - "description": "A nested block containing configuration options for PostgreSQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*\n" }, "redis": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedi:SecretsMountRedi" }, - "description": "A nested block containing configuration options for Redis connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Redis connections.*See Configuration Options for more info*\n" }, "redisElasticaches": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedisElasticach:SecretsMountRedisElasticach" }, - "description": "A nested block containing configuration options for Redis ElastiCache connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*\n" }, "redshifts": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedshift:SecretsMountRedshift" }, - "description": "A nested block containing configuration options for AWS Redshift connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*\n" }, "sealWrap": { "type": "boolean", @@ -10866,7 +10866,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountSnowflake:SecretsMountSnowflake" }, - "description": "A nested block containing configuration options for Snowflake connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*\n" } }, "required": [ @@ -10913,14 +10913,14 @@ "items": { "$ref": "#/types/vault:database/SecretsMountCassandra:SecretsMountCassandra" }, - "description": "A nested block containing configuration options for Cassandra connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*\n" }, "couchbases": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountCouchbase:SecretsMountCouchbase" }, - "description": "A nested block containing configuration options for Couchbase connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*\n" }, "defaultLeaseTtlSeconds": { "type": "integer", @@ -10942,7 +10942,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountElasticsearch:SecretsMountElasticsearch" }, - "description": "A nested block containing configuration options for Elasticsearch connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*\n" }, "externalEntropyAccess": { "type": "boolean", @@ -10954,7 +10954,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountHana:SecretsMountHana" }, - "description": "A nested block containing configuration options for SAP HanaDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*\n" }, "identityTokenKey": { "type": "string", @@ -10965,7 +10965,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountInfluxdb:SecretsMountInfluxdb" }, - "description": "A nested block containing configuration options for InfluxDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*\n" }, "listingVisibility": { "type": "string", @@ -10985,49 +10985,49 @@ "items": { "$ref": "#/types/vault:database/SecretsMountMongodbatla:SecretsMountMongodbatla" }, - "description": "A nested block containing configuration options for MongoDB Atlas connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*\n" }, "mongodbs": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMongodb:SecretsMountMongodb" }, - "description": "A nested block containing configuration options for MongoDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*\n" }, "mssqls": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMssql:SecretsMountMssql" }, - "description": "A nested block containing configuration options for MSSQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*\n" }, "mysqlAuroras": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlAurora:SecretsMountMysqlAurora" }, - "description": "A nested block containing configuration options for Aurora MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*\n" }, "mysqlLegacies": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlLegacy:SecretsMountMysqlLegacy" }, - "description": "A nested block containing configuration options for legacy MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*\n" }, "mysqlRds": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlRd:SecretsMountMysqlRd" }, - "description": "A nested block containing configuration options for RDS MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*\n" }, "mysqls": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysql:SecretsMountMysql" }, - "description": "A nested block containing configuration options for MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*\n" }, "namespace": { "type": "string", @@ -11046,7 +11046,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountOracle:SecretsMountOracle" }, - "description": "A nested block containing configuration options for Oracle connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*\n" }, "passthroughRequestHeaders": { "type": "array", @@ -11068,28 +11068,28 @@ "items": { "$ref": "#/types/vault:database/SecretsMountPostgresql:SecretsMountPostgresql" }, - "description": "A nested block containing configuration options for PostgreSQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*\n" }, "redis": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedi:SecretsMountRedi" }, - "description": "A nested block containing configuration options for Redis connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Redis connections.*See Configuration Options for more info*\n" }, "redisElasticaches": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedisElasticach:SecretsMountRedisElasticach" }, - "description": "A nested block containing configuration options for Redis ElastiCache connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*\n" }, "redshifts": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedshift:SecretsMountRedshift" }, - "description": "A nested block containing configuration options for AWS Redshift connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*\n" }, "sealWrap": { "type": "boolean", @@ -11101,7 +11101,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountSnowflake:SecretsMountSnowflake" }, - "description": "A nested block containing configuration options for Snowflake connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*\n" } }, "requiredInputs": [ @@ -11147,14 +11147,14 @@ "items": { "$ref": "#/types/vault:database/SecretsMountCassandra:SecretsMountCassandra" }, - "description": "A nested block containing configuration options for Cassandra connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*\n" }, "couchbases": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountCouchbase:SecretsMountCouchbase" }, - "description": "A nested block containing configuration options for Couchbase connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*\n" }, "defaultLeaseTtlSeconds": { "type": "integer", @@ -11176,7 +11176,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountElasticsearch:SecretsMountElasticsearch" }, - "description": "A nested block containing configuration options for Elasticsearch connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*\n" }, "engineCount": { "type": "integer", @@ -11192,7 +11192,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountHana:SecretsMountHana" }, - "description": "A nested block containing configuration options for SAP HanaDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*\n" }, "identityTokenKey": { "type": "string", @@ -11203,7 +11203,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountInfluxdb:SecretsMountInfluxdb" }, - "description": "A nested block containing configuration options for InfluxDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*\n" }, "listingVisibility": { "type": "string", @@ -11223,49 +11223,49 @@ "items": { "$ref": "#/types/vault:database/SecretsMountMongodbatla:SecretsMountMongodbatla" }, - "description": "A nested block containing configuration options for MongoDB Atlas connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*\n" }, "mongodbs": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMongodb:SecretsMountMongodb" }, - "description": "A nested block containing configuration options for MongoDB connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*\n" }, "mssqls": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMssql:SecretsMountMssql" }, - "description": "A nested block containing configuration options for MSSQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*\n" }, "mysqlAuroras": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlAurora:SecretsMountMysqlAurora" }, - "description": "A nested block containing configuration options for Aurora MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*\n" }, "mysqlLegacies": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlLegacy:SecretsMountMysqlLegacy" }, - "description": "A nested block containing configuration options for legacy MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*\n" }, "mysqlRds": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysqlRd:SecretsMountMysqlRd" }, - "description": "A nested block containing configuration options for RDS MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*\n" }, "mysqls": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountMysql:SecretsMountMysql" }, - "description": "A nested block containing configuration options for MySQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*\n" }, "namespace": { "type": "string", @@ -11284,7 +11284,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountOracle:SecretsMountOracle" }, - "description": "A nested block containing configuration options for Oracle connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*\n" }, "passthroughRequestHeaders": { "type": "array", @@ -11306,28 +11306,28 @@ "items": { "$ref": "#/types/vault:database/SecretsMountPostgresql:SecretsMountPostgresql" }, - "description": "A nested block containing configuration options for PostgreSQL connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*\n" }, "redis": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedi:SecretsMountRedi" }, - "description": "A nested block containing configuration options for Redis connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Redis connections.*See Configuration Options for more info*\n" }, "redisElasticaches": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedisElasticach:SecretsMountRedisElasticach" }, - "description": "A nested block containing configuration options for Redis ElastiCache connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*\n" }, "redshifts": { "type": "array", "items": { "$ref": "#/types/vault:database/SecretsMountRedshift:SecretsMountRedshift" }, - "description": "A nested block containing configuration options for AWS Redshift connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*\n" }, "sealWrap": { "type": "boolean", @@ -11339,7 +11339,7 @@ "items": { "$ref": "#/types/vault:database/SecretsMountSnowflake:SecretsMountSnowflake" }, - "description": "A nested block containing configuration options for Snowflake connections. \n*See Configuration Options for more info*\n" + "description": "A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*\n" } }, "type": "object" @@ -13821,7 +13821,7 @@ } }, "vault:identity/groupMemberGroupIds:GroupMemberGroupIds": { - "description": "Manages member groups for an Identity Group for Vault. The\n[Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)\nis the identity management solution for Vault.\n\n## Example Usage\n\n### Exclusive Member Groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n name: \"internal\",\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {\n name: \"users\",\n metadata: {\n version: \"2\",\n },\n});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: true,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n name=\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\",\n name=\"users\",\n metadata={\n \"version\": \"2\",\n })\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=True,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Name = \"internal\",\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Name = \"users\",\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = true,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"internal\"),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"users\"),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder()\n .name(\"internal\")\n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder()\n .name(\"users\")\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder()\n .exclusive(true)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n name: internal\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: '2'\n users:\n type: vault:identity:Group\n properties:\n name: users\n metadata:\n version: '2'\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: true\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Non-Exclusive Member Groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n name: \"internal\",\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {\n name: \"users\",\n metadata: {\n version: \"2\",\n },\n});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: false,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n name=\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\",\n name=\"users\",\n metadata={\n \"version\": \"2\",\n })\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=False,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Name = \"internal\",\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Name = \"users\",\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = false,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"internal\"),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"users\"),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder()\n .name(\"internal\")\n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder()\n .name(\"users\")\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder()\n .exclusive(false)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n name: internal\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: '2'\n users:\n type: vault:identity:Group\n properties:\n name: users\n metadata:\n version: '2'\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: false\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "layout: \"vault\"\npage_title: \"Vault: vault.identity.GroupMemberGroupIds resource\"\nsidebar_current: \"docs-vault-resource-identity-group-member-group-ids\"\ndescription: |-\nManages member groups for an Identity Group for Vault.\n\u003c!-- yaml: line 6: could not find expected ':' --\u003e\n\n# vault\\_identity\\_group\\_member\\_group\\_ids\n\nManages member groups for an Identity Group for Vault. The\n[Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)\nis the identity management solution for Vault.\n\n## Example Usage\n\n### Exclusive Member Groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n name: \"internal\",\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {\n name: \"users\",\n metadata: {\n version: \"2\",\n },\n});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: true,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n name=\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\",\n name=\"users\",\n metadata={\n \"version\": \"2\",\n })\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=True,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Name = \"internal\",\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Name = \"users\",\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = true,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"internal\"),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"users\"),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder()\n .name(\"internal\")\n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder()\n .name(\"users\")\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder()\n .exclusive(true)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n name: internal\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: '2'\n users:\n type: vault:identity:Group\n properties:\n name: users\n metadata:\n version: '2'\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: true\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Non-Exclusive Member Groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n name: \"internal\",\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {\n name: \"users\",\n metadata: {\n version: \"2\",\n },\n});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: false,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n name=\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\",\n name=\"users\",\n metadata={\n \"version\": \"2\",\n })\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=False,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Name = \"internal\",\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Name = \"users\",\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = false,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"internal\"),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tName: pulumi.String(\"users\"),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder()\n .name(\"internal\")\n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder()\n .name(\"users\")\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder()\n .exclusive(false)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n name: internal\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: '2'\n users:\n type: vault:identity:Group\n properties:\n name: users\n metadata:\n version: '2'\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: false\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "exclusive": { "type": "boolean", @@ -15029,7 +15029,7 @@ }, "idTokenTtl": { "type": "integer", - "description": "The time-to-live for ID tokens obtained by the client. \nThe value should be less than the `verification_ttl` on the key.\n" + "description": "The time-to-live for ID tokens obtained by the client.\nThe value should be less than the `verification_ttl` on the key.\n" }, "key": { "type": "string", @@ -15048,7 +15048,7 @@ "items": { "type": "string" }, - "description": "Redirection URI values used by the client. \nOne of these values must exactly match the `redirect_uri` parameter value\nused in each authentication request.\n" + "description": "Redirection URI values used by the client.\nOne of these values must exactly match the `redirect_uri` parameter value\nused in each authentication request.\n" } }, "required": [ @@ -15078,7 +15078,7 @@ }, "idTokenTtl": { "type": "integer", - "description": "The time-to-live for ID tokens obtained by the client. \nThe value should be less than the `verification_ttl` on the key.\n" + "description": "The time-to-live for ID tokens obtained by the client.\nThe value should be less than the `verification_ttl` on the key.\n" }, "key": { "type": "string", @@ -15100,7 +15100,7 @@ "items": { "type": "string" }, - "description": "Redirection URI values used by the client. \nOne of these values must exactly match the `redirect_uri` parameter value\nused in each authentication request.\n" + "description": "Redirection URI values used by the client.\nOne of these values must exactly match the `redirect_uri` parameter value\nused in each authentication request.\n" } }, "stateInputs": { @@ -15132,7 +15132,7 @@ }, "idTokenTtl": { "type": "integer", - "description": "The time-to-live for ID tokens obtained by the client. \nThe value should be less than the `verification_ttl` on the key.\n" + "description": "The time-to-live for ID tokens obtained by the client.\nThe value should be less than the `verification_ttl` on the key.\n" }, "key": { "type": "string", @@ -15154,7 +15154,7 @@ "items": { "type": "string" }, - "description": "Redirection URI values used by the client. \nOne of these values must exactly match the `redirect_uri` parameter value\nused in each authentication request.\n" + "description": "Redirection URI values used by the client.\nOne of these values must exactly match the `redirect_uri` parameter value\nused in each authentication request.\n" } }, "type": "object" @@ -15333,7 +15333,7 @@ "items": { "type": "string" }, - "description": "The client IDs that are permitted to use the provider. \nIf empty, no clients are allowed. If `*`, all clients are allowed.\n" + "description": "The client IDs that are permitted to use the provider.\nIf empty, no clients are allowed. If `*`, all clients are allowed.\n" }, "httpsEnabled": { "type": "boolean", @@ -15373,7 +15373,7 @@ "items": { "type": "string" }, - "description": "The client IDs that are permitted to use the provider. \nIf empty, no clients are allowed. If `*`, all clients are allowed.\n" + "description": "The client IDs that are permitted to use the provider.\nIf empty, no clients are allowed. If `*`, all clients are allowed.\n" }, "httpsEnabled": { "type": "boolean", @@ -15409,7 +15409,7 @@ "items": { "type": "string" }, - "description": "The client IDs that are permitted to use the provider. \nIf empty, no clients are allowed. If `*`, all clients are allowed.\n" + "description": "The client IDs that are permitted to use the provider.\nIf empty, no clients are allowed. If `*`, all clients are allowed.\n" }, "httpsEnabled": { "type": "boolean", @@ -15612,7 +15612,7 @@ } }, "vault:index/audit:Audit": { - "description": "## Example Usage\n\n### File Audit Device)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n type: \"file\",\n options: {\n file_path: \"C:/temp/audit.txt\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n type=\"file\",\n options={\n \"file_path\": \"C:/temp/audit.txt\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Type = \"file\",\n Options = \n {\n { \"file_path\", \"C:/temp/audit.txt\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tType: pulumi.String(\"file\"),\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"file_path\": pulumi.String(\"C:/temp/audit.txt\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder()\n .type(\"file\")\n .options(Map.of(\"file_path\", \"C:/temp/audit.txt\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n type: file\n options:\n file_path: C:/temp/audit.txt\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n### Socket Audit Device)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n type: \"socket\",\n path: \"app_socket\",\n local: false,\n options: {\n address: \"127.0.0.1:8000\",\n socket_type: \"tcp\",\n description: \"application x socket\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n type=\"socket\",\n path=\"app_socket\",\n local=False,\n options={\n \"address\": \"127.0.0.1:8000\",\n \"socket_type\": \"tcp\",\n \"description\": \"application x socket\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Type = \"socket\",\n Path = \"app_socket\",\n Local = false,\n Options = \n {\n { \"address\", \"127.0.0.1:8000\" },\n { \"socket_type\", \"tcp\" },\n { \"description\", \"application x socket\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tType: pulumi.String(\"socket\"),\n\t\t\tPath: pulumi.String(\"app_socket\"),\n\t\t\tLocal: pulumi.Bool(false),\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"address\": pulumi.String(\"127.0.0.1:8000\"),\n\t\t\t\t\"socket_type\": pulumi.String(\"tcp\"),\n\t\t\t\t\"description\": pulumi.String(\"application x socket\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder()\n .type(\"socket\")\n .path(\"app_socket\")\n .local(false)\n .options(Map.ofEntries(\n Map.entry(\"address\", \"127.0.0.1:8000\"),\n Map.entry(\"socket_type\", \"tcp\"),\n Map.entry(\"description\", \"application x socket\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n type: socket\n path: app_socket\n local: false\n options:\n address: 127.0.0.1:8000\n socket_type: tcp\n description: application x socket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAudit devices can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:index/audit:Audit test syslog\n```\n", + "description": "## Example Usage\n\n### file audit device)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n type: \"file\",\n options: {\n file_path: \"C:/temp/audit.txt\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n type=\"file\",\n options={\n \"file_path\": \"C:/temp/audit.txt\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Type = \"file\",\n Options = \n {\n { \"file_path\", \"C:/temp/audit.txt\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tType: pulumi.String(\"file\"),\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"file_path\": pulumi.String(\"C:/temp/audit.txt\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder()\n .type(\"file\")\n .options(Map.of(\"file_path\", \"C:/temp/audit.txt\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n type: file\n options:\n file_path: C:/temp/audit.txt\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### socket audit device)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n type: \"socket\",\n path: \"app_socket\",\n local: false,\n options: {\n address: \"127.0.0.1:8000\",\n socket_type: \"tcp\",\n description: \"application x socket\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n type=\"socket\",\n path=\"app_socket\",\n local=False,\n options={\n \"address\": \"127.0.0.1:8000\",\n \"socket_type\": \"tcp\",\n \"description\": \"application x socket\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Type = \"socket\",\n Path = \"app_socket\",\n Local = false,\n Options = \n {\n { \"address\", \"127.0.0.1:8000\" },\n { \"socket_type\", \"tcp\" },\n { \"description\", \"application x socket\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tType: pulumi.String(\"socket\"),\n\t\t\tPath: pulumi.String(\"app_socket\"),\n\t\t\tLocal: pulumi.Bool(false),\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"address\": pulumi.String(\"127.0.0.1:8000\"),\n\t\t\t\t\"socket_type\": pulumi.String(\"tcp\"),\n\t\t\t\t\"description\": pulumi.String(\"application x socket\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder()\n .type(\"socket\")\n .path(\"app_socket\")\n .local(false)\n .options(Map.ofEntries(\n Map.entry(\"address\", \"127.0.0.1:8000\"),\n Map.entry(\"socket_type\", \"tcp\"),\n Map.entry(\"description\", \"application x socket\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n type: socket\n path: app_socket\n local: false\n options:\n address: 127.0.0.1:8000\n socket_type: tcp\n description: application x socket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAudit devices can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:index/audit:Audit test syslog\n```\n", "properties": { "description": { "type": "string", @@ -16355,7 +16355,7 @@ } }, "vault:index/egpPolicy:EgpPolicy": { - "description": "Provides a resource to manage Endpoint Governing Policy (EGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst allow_all = new vault.EgpPolicy(\"allow-all\", {\n name: \"allow-all\",\n paths: [\"*\"],\n enforcementLevel: \"soft-mandatory\",\n policy: `main = rule {\n true\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nallow_all = vault.EgpPolicy(\"allow-all\",\n name=\"allow-all\",\n paths=[\"*\"],\n enforcement_level=\"soft-mandatory\",\n policy=\"\"\"main = rule {\n true\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var allow_all = new Vault.EgpPolicy(\"allow-all\", new()\n {\n Name = \"allow-all\",\n Paths = new[]\n {\n \"*\",\n },\n EnforcementLevel = \"soft-mandatory\",\n Policy = @\"main = rule {\n true\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewEgpPolicy(ctx, \"allow-all\", \u0026vault.EgpPolicyArgs{\n\t\t\tName: pulumi.String(\"allow-all\"),\n\t\t\tPaths: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tEnforcementLevel: pulumi.String(\"soft-mandatory\"),\n\t\t\tPolicy: pulumi.String(\"main = rule {\\n true\\n}\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.EgpPolicy;\nimport com.pulumi.vault.EgpPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var allow_all = new EgpPolicy(\"allow-all\", EgpPolicyArgs.builder()\n .name(\"allow-all\")\n .paths(\"*\")\n .enforcementLevel(\"soft-mandatory\")\n .policy(\"\"\"\nmain = rule {\n true\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allow-all:\n type: vault:EgpPolicy\n properties:\n name: allow-all\n paths:\n - '*'\n enforcementLevel: soft-mandatory\n policy: |\n main = rule {\n true\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Provides a resource to manage Endpoint Governing Policy (EGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst allow_all = new vault.EgpPolicy(\"allow-all\", {\n name: \"allow-all\",\n paths: [\"*\"],\n enforcementLevel: \"soft-mandatory\",\n policy: `main = rule {\n true\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nallow_all = vault.EgpPolicy(\"allow-all\",\n name=\"allow-all\",\n paths=[\"*\"],\n enforcement_level=\"soft-mandatory\",\n policy=\"\"\"main = rule {\n true\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var allow_all = new Vault.EgpPolicy(\"allow-all\", new()\n {\n Name = \"allow-all\",\n Paths = new[]\n {\n \"*\",\n },\n EnforcementLevel = \"soft-mandatory\",\n Policy = @\"main = rule {\n true\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewEgpPolicy(ctx, \"allow-all\", \u0026vault.EgpPolicyArgs{\n\t\t\tName: pulumi.String(\"allow-all\"),\n\t\t\tPaths: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tEnforcementLevel: pulumi.String(\"soft-mandatory\"),\n\t\t\tPolicy: pulumi.String(\"main = rule {\\n true\\n}\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.EgpPolicy;\nimport com.pulumi.vault.EgpPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var allow_all = new EgpPolicy(\"allow-all\", EgpPolicyArgs.builder()\n .name(\"allow-all\")\n .paths(\"*\")\n .enforcementLevel(\"soft-mandatory\")\n .policy(\"\"\"\nmain = rule {\n true\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allow-all:\n type: vault:EgpPolicy\n properties:\n name: allow-all\n paths:\n - '*'\n enforcementLevel: soft-mandatory\n policy: |\n main = rule {\n true\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "enforcementLevel": { "type": "string", @@ -16591,11 +16591,11 @@ }, "baseUrl": { "type": "string", - "description": "`(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, \n`oktapreview.com`, and `okta-emea.com`.\n" + "description": "`(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,\n`oktapreview.com`, and `okta-emea.com`.\n" }, "mountAccessor": { "type": "string", - "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings. \nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n" + "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings.\nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n" }, "name": { "type": "string", @@ -16611,11 +16611,11 @@ }, "primaryEmail": { "type": "boolean", - "description": "`(string: \u003crequired\u003e)` - If set to true, the username will only match the \nprimary email for the account.\n" + "description": "`(string: \u003crequired\u003e)` - If set to true, the username will only match the\nprimary email for the account.\n" }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" + "description": "`(string)` - A format string for mapping Identity names to MFA method names.\nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" } }, "required": [ @@ -16633,12 +16633,12 @@ }, "baseUrl": { "type": "string", - "description": "`(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, \n`oktapreview.com`, and `okta-emea.com`.\n", + "description": "`(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,\n`oktapreview.com`, and `okta-emea.com`.\n", "willReplaceOnChanges": true }, "mountAccessor": { "type": "string", - "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings. \nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", + "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings.\nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", "willReplaceOnChanges": true }, "name": { @@ -16658,12 +16658,12 @@ }, "primaryEmail": { "type": "boolean", - "description": "`(string: \u003crequired\u003e)` - If set to true, the username will only match the \nprimary email for the account.\n", + "description": "`(string: \u003crequired\u003e)` - If set to true, the username will only match the\nprimary email for the account.\n", "willReplaceOnChanges": true }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names.\nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -16683,12 +16683,12 @@ }, "baseUrl": { "type": "string", - "description": "`(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, \n`oktapreview.com`, and `okta-emea.com`.\n", + "description": "`(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,\n`oktapreview.com`, and `okta-emea.com`.\n", "willReplaceOnChanges": true }, "mountAccessor": { "type": "string", - "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings. \nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", + "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings.\nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", "willReplaceOnChanges": true }, "name": { @@ -16708,12 +16708,12 @@ }, "primaryEmail": { "type": "boolean", - "description": "`(string: \u003crequired\u003e)` - If set to true, the username will only match the \nprimary email for the account.\n", + "description": "`(string: \u003crequired\u003e)` - If set to true, the username will only match the\nprimary email for the account.\n", "willReplaceOnChanges": true }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names.\nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -16737,7 +16737,7 @@ }, "mountAccessor": { "type": "string", - "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings. \nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n" + "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings.\nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n" }, "name": { "type": "string", @@ -16769,7 +16769,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" + "description": "`(string)` - A format string for mapping Identity names to MFA method names.\nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n" } }, "required": [ @@ -16787,7 +16787,7 @@ "inputProperties": { "mountAccessor": { "type": "string", - "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings. \nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", + "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings.\nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", "willReplaceOnChanges": true }, "name": { @@ -16807,7 +16807,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names.\nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -16832,7 +16832,7 @@ }, "mountAccessor": { "type": "string", - "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings. \nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", + "description": "`(string: \u003crequired\u003e)` - The mount to tie this method to for use in automatic mappings.\nThe mapping will use the Name field of Aliases associated with this mount as the username in the mapping.\n", "willReplaceOnChanges": true }, "name": { @@ -16868,7 +16868,7 @@ }, "usernameFormat": { "type": "string", - "description": "`(string)` - A format string for mapping Identity names to MFA method names. \nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", + "description": "`(string)` - A format string for mapping Identity names to MFA method names.\nValues to substitute should be placed in `{{}}`. For example, `\"{{alias.name}}@example.com\"`.\nIf blank, the Alias's Name field will be used as-is. Currently-supported mappings:\n- alias.name: The name returned by the mount configured via the `mount_accessor` parameter\n- entity.name: The name configured for the Entity\n- alias.metadata.`\u003ckey\u003e`: The value of the Alias's metadata parameter\n- entity.metadata.`\u003ckey\u003e`: The value of the Entity's metadata parameter\n", "willReplaceOnChanges": true } }, @@ -17683,7 +17683,7 @@ }, "global": { "type": "boolean", - "description": "Specifies if the generated token should be global. Defaults to \nfalse.\n" + "description": "Specifies if the generated token should be global. Defaults to\nfalse.\n" }, "namespace": { "type": "string", @@ -17694,7 +17694,7 @@ "items": { "type": "string" }, - "description": "List of policies attached to the generated token. This setting is only used \nwhen `type` is 'client'.\n" + "description": "List of policies attached to the generated token. This setting is only used\nwhen `type` is 'client'.\n" }, "role": { "type": "string", @@ -17702,7 +17702,7 @@ }, "type": { "type": "string", - "description": "Specifies the type of token to create when using this role. Valid \nsettings are 'client' and 'management'. Defaults to 'client'.\n" + "description": "Specifies the type of token to create when using this role. Valid\nsettings are 'client' and 'management'. Defaults to 'client'.\n" } }, "required": [ @@ -17720,7 +17720,7 @@ }, "global": { "type": "boolean", - "description": "Specifies if the generated token should be global. Defaults to \nfalse.\n" + "description": "Specifies if the generated token should be global. Defaults to\nfalse.\n" }, "namespace": { "type": "string", @@ -17732,7 +17732,7 @@ "items": { "type": "string" }, - "description": "List of policies attached to the generated token. This setting is only used \nwhen `type` is 'client'.\n" + "description": "List of policies attached to the generated token. This setting is only used\nwhen `type` is 'client'.\n" }, "role": { "type": "string", @@ -17741,7 +17741,7 @@ }, "type": { "type": "string", - "description": "Specifies the type of token to create when using this role. Valid \nsettings are 'client' and 'management'. Defaults to 'client'.\n" + "description": "Specifies the type of token to create when using this role. Valid\nsettings are 'client' and 'management'. Defaults to 'client'.\n" } }, "requiredInputs": [ @@ -17758,7 +17758,7 @@ }, "global": { "type": "boolean", - "description": "Specifies if the generated token should be global. Defaults to \nfalse.\n" + "description": "Specifies if the generated token should be global. Defaults to\nfalse.\n" }, "namespace": { "type": "string", @@ -17770,7 +17770,7 @@ "items": { "type": "string" }, - "description": "List of policies attached to the generated token. This setting is only used \nwhen `type` is 'client'.\n" + "description": "List of policies attached to the generated token. This setting is only used\nwhen `type` is 'client'.\n" }, "role": { "type": "string", @@ -17779,14 +17779,14 @@ }, "type": { "type": "string", - "description": "Specifies the type of token to create when using this role. Valid \nsettings are 'client' and 'management'. Defaults to 'client'.\n" + "description": "Specifies the type of token to create when using this role. Valid\nsettings are 'client' and 'management'. Defaults to 'client'.\n" } }, "type": "object" } }, "vault:index/passwordPolicy:PasswordPolicy": { - "description": "Provides a resource to manage Password Policies \n\n**Note** this feature is available only Vault 1.5+ \n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst alphanumeric = new vault.PasswordPolicy(\"alphanumeric\", {\n name: \"alphanumeric\",\n policy: ` length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nalphanumeric = vault.PasswordPolicy(\"alphanumeric\",\n name=\"alphanumeric\",\n policy=\"\"\" length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alphanumeric = new Vault.PasswordPolicy(\"alphanumeric\", new()\n {\n Name = \"alphanumeric\",\n Policy = @\" length = 20\n rule \"\"charset\"\" {\n charset = \"\"abcdefghijklmnopqrstuvwxyz0123456789\"\"\n }\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewPasswordPolicy(ctx, \"alphanumeric\", \u0026vault.PasswordPolicyArgs{\n\t\t\tName: pulumi.String(\"alphanumeric\"),\n\t\t\tPolicy: pulumi.String(\" length = 20\\n rule \\\"charset\\\" {\\n charset = \\\"abcdefghijklmnopqrstuvwxyz0123456789\\\"\\n }\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.PasswordPolicy;\nimport com.pulumi.vault.PasswordPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alphanumeric = new PasswordPolicy(\"alphanumeric\", PasswordPolicyArgs.builder()\n .name(\"alphanumeric\")\n .policy(\"\"\"\n length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alphanumeric:\n type: vault:PasswordPolicy\n properties:\n name: alphanumeric\n policy: |2\n length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPassword policies can be imported using the `name`, e.g.\n\n```sh\n$ pulumi import vault:index/passwordPolicy:PasswordPolicy alphanumeric alphanumeric\n```\n", + "description": "Provides a resource to manage Password Policies\n\n**Note** this feature is available only Vault 1.5+\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst alphanumeric = new vault.PasswordPolicy(\"alphanumeric\", {\n name: \"alphanumeric\",\n policy: ` length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nalphanumeric = vault.PasswordPolicy(\"alphanumeric\",\n name=\"alphanumeric\",\n policy=\"\"\" length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alphanumeric = new Vault.PasswordPolicy(\"alphanumeric\", new()\n {\n Name = \"alphanumeric\",\n Policy = @\" length = 20\n rule \"\"charset\"\" {\n charset = \"\"abcdefghijklmnopqrstuvwxyz0123456789\"\"\n }\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewPasswordPolicy(ctx, \"alphanumeric\", \u0026vault.PasswordPolicyArgs{\n\t\t\tName: pulumi.String(\"alphanumeric\"),\n\t\t\tPolicy: pulumi.String(\" length = 20\\n rule \\\"charset\\\" {\\n charset = \\\"abcdefghijklmnopqrstuvwxyz0123456789\\\"\\n }\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.PasswordPolicy;\nimport com.pulumi.vault.PasswordPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alphanumeric = new PasswordPolicy(\"alphanumeric\", PasswordPolicyArgs.builder()\n .name(\"alphanumeric\")\n .policy(\"\"\"\n length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alphanumeric:\n type: vault:PasswordPolicy\n properties:\n name: alphanumeric\n policy: |2\n length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPassword policies can be imported using the `name`, e.g.\n\n```sh\n$ pulumi import vault:index/passwordPolicy:PasswordPolicy alphanumeric alphanumeric\n```\n", "properties": { "name": { "type": "string", @@ -18142,7 +18142,7 @@ } }, "vault:index/quotaLeaseCount:QuotaLeaseCount": { - "description": "Manage lease count quotas which enforce the number of leases that can be created.\nA lease count quota can be created at the root level or defined on a namespace or mount by\nspecifying a path when creating the quota.\n\nSee [Vault's Documentation](https://www.vaultproject.io/docs/enterprise/lease-count-quotas) for more\ninformation. \n\n**Note** this feature is available only with Vault Enterprise.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst global = new vault.QuotaLeaseCount(\"global\", {\n name: \"global\",\n path: \"\",\n maxLeases: 100,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_ = vault.QuotaLeaseCount(\"global\",\n name=\"global\",\n path=\"\",\n max_leases=100)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @global = new Vault.QuotaLeaseCount(\"global\", new()\n {\n Name = \"global\",\n Path = \"\",\n MaxLeases = 100,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewQuotaLeaseCount(ctx, \"global\", \u0026vault.QuotaLeaseCountArgs{\n\t\t\tName: pulumi.String(\"global\"),\n\t\t\tPath: pulumi.String(\"\"),\n\t\t\tMaxLeases: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.QuotaLeaseCount;\nimport com.pulumi.vault.QuotaLeaseCountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var global = new QuotaLeaseCount(\"global\", QuotaLeaseCountArgs.builder()\n .name(\"global\")\n .path(\"\")\n .maxLeases(100)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n global:\n type: vault:QuotaLeaseCount\n properties:\n name: global\n path:\n maxLeases: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nLease count quotas can be imported using their names\n\n```sh\n$ pulumi import vault:index/quotaLeaseCount:QuotaLeaseCount global global\n```\n", + "description": "Manage lease count quotas which enforce the number of leases that can be created.\nA lease count quota can be created at the root level or defined on a namespace or mount by\nspecifying a path when creating the quota.\n\nSee [Vault's Documentation](https://www.vaultproject.io/docs/enterprise/lease-count-quotas) for more\ninformation.\n\n**Note** this feature is available only with Vault Enterprise.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst global = new vault.QuotaLeaseCount(\"global\", {\n name: \"global\",\n path: \"\",\n maxLeases: 100,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_ = vault.QuotaLeaseCount(\"global\",\n name=\"global\",\n path=\"\",\n max_leases=100)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @global = new Vault.QuotaLeaseCount(\"global\", new()\n {\n Name = \"global\",\n Path = \"\",\n MaxLeases = 100,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewQuotaLeaseCount(ctx, \"global\", \u0026vault.QuotaLeaseCountArgs{\n\t\t\tName: pulumi.String(\"global\"),\n\t\t\tPath: pulumi.String(\"\"),\n\t\t\tMaxLeases: pulumi.Int(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.QuotaLeaseCount;\nimport com.pulumi.vault.QuotaLeaseCountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var global = new QuotaLeaseCount(\"global\", QuotaLeaseCountArgs.builder()\n .name(\"global\")\n .path(\"\")\n .maxLeases(100)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n global:\n type: vault:QuotaLeaseCount\n properties:\n name: global\n path:\n maxLeases: 100\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nLease count quotas can be imported using their names\n\n```sh\n$ pulumi import vault:index/quotaLeaseCount:QuotaLeaseCount global global\n```\n", "properties": { "inheritable": { "type": "boolean", @@ -18361,7 +18361,7 @@ } }, "vault:index/raftAutopilot:RaftAutopilot": { - "description": "Autopilot enables automated workflows for managing Raft clusters. The \ncurrent feature set includes 3 main features: Server Stabilization, Dead \nServer Cleanup and State API. **These three features are introduced in \nVault 1.7.**\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst autopilot = new vault.RaftAutopilot(\"autopilot\", {\n cleanupDeadServers: true,\n deadServerLastContactThreshold: \"24h0m0s\",\n lastContactThreshold: \"10s\",\n maxTrailingLogs: 1000,\n minQuorum: 3,\n serverStabilizationTime: \"10s\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nautopilot = vault.RaftAutopilot(\"autopilot\",\n cleanup_dead_servers=True,\n dead_server_last_contact_threshold=\"24h0m0s\",\n last_contact_threshold=\"10s\",\n max_trailing_logs=1000,\n min_quorum=3,\n server_stabilization_time=\"10s\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var autopilot = new Vault.RaftAutopilot(\"autopilot\", new()\n {\n CleanupDeadServers = true,\n DeadServerLastContactThreshold = \"24h0m0s\",\n LastContactThreshold = \"10s\",\n MaxTrailingLogs = 1000,\n MinQuorum = 3,\n ServerStabilizationTime = \"10s\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftAutopilot(ctx, \"autopilot\", \u0026vault.RaftAutopilotArgs{\n\t\t\tCleanupDeadServers: pulumi.Bool(true),\n\t\t\tDeadServerLastContactThreshold: pulumi.String(\"24h0m0s\"),\n\t\t\tLastContactThreshold: pulumi.String(\"10s\"),\n\t\t\tMaxTrailingLogs: pulumi.Int(1000),\n\t\t\tMinQuorum: pulumi.Int(3),\n\t\t\tServerStabilizationTime: pulumi.String(\"10s\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftAutopilot;\nimport com.pulumi.vault.RaftAutopilotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var autopilot = new RaftAutopilot(\"autopilot\", RaftAutopilotArgs.builder()\n .cleanupDeadServers(true)\n .deadServerLastContactThreshold(\"24h0m0s\")\n .lastContactThreshold(\"10s\")\n .maxTrailingLogs(1000)\n .minQuorum(3)\n .serverStabilizationTime(\"10s\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n autopilot:\n type: vault:RaftAutopilot\n properties:\n cleanupDeadServers: true\n deadServerLastContactThreshold: 24h0m0s\n lastContactThreshold: 10s\n maxTrailingLogs: 1000\n minQuorum: 3\n serverStabilizationTime: 10s\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRaft Autopilot config can be imported using the ID, e.g.\n\n```sh\n$ pulumi import vault:index/raftAutopilot:RaftAutopilot autopilot sys/storage/raft/autopilot/configuration\n```\n", + "description": "Autopilot enables automated workflows for managing Raft clusters. The\ncurrent feature set includes 3 main features: Server Stabilization, Dead\nServer Cleanup and State API. **These three features are introduced in\nVault 1.7.**\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst autopilot = new vault.RaftAutopilot(\"autopilot\", {\n cleanupDeadServers: true,\n deadServerLastContactThreshold: \"24h0m0s\",\n lastContactThreshold: \"10s\",\n maxTrailingLogs: 1000,\n minQuorum: 3,\n serverStabilizationTime: \"10s\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nautopilot = vault.RaftAutopilot(\"autopilot\",\n cleanup_dead_servers=True,\n dead_server_last_contact_threshold=\"24h0m0s\",\n last_contact_threshold=\"10s\",\n max_trailing_logs=1000,\n min_quorum=3,\n server_stabilization_time=\"10s\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var autopilot = new Vault.RaftAutopilot(\"autopilot\", new()\n {\n CleanupDeadServers = true,\n DeadServerLastContactThreshold = \"24h0m0s\",\n LastContactThreshold = \"10s\",\n MaxTrailingLogs = 1000,\n MinQuorum = 3,\n ServerStabilizationTime = \"10s\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftAutopilot(ctx, \"autopilot\", \u0026vault.RaftAutopilotArgs{\n\t\t\tCleanupDeadServers: pulumi.Bool(true),\n\t\t\tDeadServerLastContactThreshold: pulumi.String(\"24h0m0s\"),\n\t\t\tLastContactThreshold: pulumi.String(\"10s\"),\n\t\t\tMaxTrailingLogs: pulumi.Int(1000),\n\t\t\tMinQuorum: pulumi.Int(3),\n\t\t\tServerStabilizationTime: pulumi.String(\"10s\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftAutopilot;\nimport com.pulumi.vault.RaftAutopilotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var autopilot = new RaftAutopilot(\"autopilot\", RaftAutopilotArgs.builder()\n .cleanupDeadServers(true)\n .deadServerLastContactThreshold(\"24h0m0s\")\n .lastContactThreshold(\"10s\")\n .maxTrailingLogs(1000)\n .minQuorum(3)\n .serverStabilizationTime(\"10s\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n autopilot:\n type: vault:RaftAutopilot\n properties:\n cleanupDeadServers: true\n deadServerLastContactThreshold: 24h0m0s\n lastContactThreshold: 10s\n maxTrailingLogs: 1000\n minQuorum: 3\n serverStabilizationTime: 10s\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRaft Autopilot config can be imported using the ID, e.g.\n\n```sh\n$ pulumi import vault:index/raftAutopilot:RaftAutopilot autopilot sys/storage/raft/autopilot/configuration\n```\n", "properties": { "cleanupDeadServers": { "type": "boolean", @@ -18369,7 +18369,7 @@ }, "deadServerLastContactThreshold": { "type": "string", - "description": "Limit the amount of time a \nserver can go without leader contact before being considered failed. This only takes\neffect when `cleanup_dead_servers` is set.\n" + "description": "Limit the amount of time a\nserver can go without leader contact before being considered failed. This only takes\neffect when `cleanup_dead_servers` is set.\n" }, "disableUpgradeMigration": { "type": "boolean", @@ -18377,15 +18377,15 @@ }, "lastContactThreshold": { "type": "string", - "description": "Limit the amount of time a server can go \nwithout leader contact before being considered unhealthy.\n" + "description": "Limit the amount of time a server can go\nwithout leader contact before being considered unhealthy.\n" }, "maxTrailingLogs": { "type": "integer", - "description": "Maximum number of log entries in the Raft log \nthat a server can be behind its leader before being considered unhealthy.\n" + "description": "Maximum number of log entries in the Raft log\nthat a server can be behind its leader before being considered unhealthy.\n" }, "minQuorum": { "type": "integer", - "description": "Minimum number of servers allowed in a cluster before \nautopilot can prune dead servers. This should at least be 3. Applicable only for\nvoting nodes.\n" + "description": "Minimum number of servers allowed in a cluster before\nautopilot can prune dead servers. This should at least be 3. Applicable only for\nvoting nodes.\n" }, "namespace": { "type": "string", @@ -18393,7 +18393,7 @@ }, "serverStabilizationTime": { "type": "string", - "description": "Minimum amount of time a server must be \nstable in the 'healthy' state before being added to the cluster.\n" + "description": "Minimum amount of time a server must be\nstable in the 'healthy' state before being added to the cluster.\n" } }, "inputProperties": { @@ -18403,7 +18403,7 @@ }, "deadServerLastContactThreshold": { "type": "string", - "description": "Limit the amount of time a \nserver can go without leader contact before being considered failed. This only takes\neffect when `cleanup_dead_servers` is set.\n" + "description": "Limit the amount of time a\nserver can go without leader contact before being considered failed. This only takes\neffect when `cleanup_dead_servers` is set.\n" }, "disableUpgradeMigration": { "type": "boolean", @@ -18411,15 +18411,15 @@ }, "lastContactThreshold": { "type": "string", - "description": "Limit the amount of time a server can go \nwithout leader contact before being considered unhealthy.\n" + "description": "Limit the amount of time a server can go\nwithout leader contact before being considered unhealthy.\n" }, "maxTrailingLogs": { "type": "integer", - "description": "Maximum number of log entries in the Raft log \nthat a server can be behind its leader before being considered unhealthy.\n" + "description": "Maximum number of log entries in the Raft log\nthat a server can be behind its leader before being considered unhealthy.\n" }, "minQuorum": { "type": "integer", - "description": "Minimum number of servers allowed in a cluster before \nautopilot can prune dead servers. This should at least be 3. Applicable only for\nvoting nodes.\n" + "description": "Minimum number of servers allowed in a cluster before\nautopilot can prune dead servers. This should at least be 3. Applicable only for\nvoting nodes.\n" }, "namespace": { "type": "string", @@ -18428,7 +18428,7 @@ }, "serverStabilizationTime": { "type": "string", - "description": "Minimum amount of time a server must be \nstable in the 'healthy' state before being added to the cluster.\n" + "description": "Minimum amount of time a server must be\nstable in the 'healthy' state before being added to the cluster.\n" } }, "stateInputs": { @@ -18440,7 +18440,7 @@ }, "deadServerLastContactThreshold": { "type": "string", - "description": "Limit the amount of time a \nserver can go without leader contact before being considered failed. This only takes\neffect when `cleanup_dead_servers` is set.\n" + "description": "Limit the amount of time a\nserver can go without leader contact before being considered failed. This only takes\neffect when `cleanup_dead_servers` is set.\n" }, "disableUpgradeMigration": { "type": "boolean", @@ -18448,15 +18448,15 @@ }, "lastContactThreshold": { "type": "string", - "description": "Limit the amount of time a server can go \nwithout leader contact before being considered unhealthy.\n" + "description": "Limit the amount of time a server can go\nwithout leader contact before being considered unhealthy.\n" }, "maxTrailingLogs": { "type": "integer", - "description": "Maximum number of log entries in the Raft log \nthat a server can be behind its leader before being considered unhealthy.\n" + "description": "Maximum number of log entries in the Raft log\nthat a server can be behind its leader before being considered unhealthy.\n" }, "minQuorum": { "type": "integer", - "description": "Minimum number of servers allowed in a cluster before \nautopilot can prune dead servers. This should at least be 3. Applicable only for\nvoting nodes.\n" + "description": "Minimum number of servers allowed in a cluster before\nautopilot can prune dead servers. This should at least be 3. Applicable only for\nvoting nodes.\n" }, "namespace": { "type": "string", @@ -18465,14 +18465,14 @@ }, "serverStabilizationTime": { "type": "string", - "description": "Minimum amount of time a server must be \nstable in the 'healthy' state before being added to the cluster.\n" + "description": "Minimum amount of time a server must be\nstable in the 'healthy' state before being added to the cluster.\n" } }, "type": "object" } }, "vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig": { - "description": "## Example Usage\n\n### Local Storage\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst localBackups = new vault.RaftSnapshotAgentConfig(\"local_backups\", {\n name: \"local\",\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/opt/vault/snapshots/\",\n storageType: \"local\",\n localMaxSpace: 10000000,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nlocal_backups = vault.RaftSnapshotAgentConfig(\"local_backups\",\n name=\"local\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/opt/vault/snapshots/\",\n storage_type=\"local\",\n local_max_space=10000000)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var localBackups = new Vault.RaftSnapshotAgentConfig(\"local_backups\", new()\n {\n Name = \"local\",\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/opt/vault/snapshots/\",\n StorageType = \"local\",\n LocalMaxSpace = 10000000,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"local_backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tName: pulumi.String(\"local\"),\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/opt/vault/snapshots/\"),\n\t\t\tStorageType: pulumi.String(\"local\"),\n\t\t\tLocalMaxSpace: pulumi.Int(10000000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var localBackups = new RaftSnapshotAgentConfig(\"localBackups\", RaftSnapshotAgentConfigArgs.builder()\n .name(\"local\")\n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/opt/vault/snapshots/\")\n .storageType(\"local\")\n .localMaxSpace(10000000)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n localBackups:\n type: vault:RaftSnapshotAgentConfig\n name: local_backups\n properties:\n name: local\n intervalSeconds: 86400 # 24h\n retain: 7\n pathPrefix: /opt/vault/snapshots/\n storageType: local\n localMaxSpace: 1e+07\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### AWS S3\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst awsAccessKeyId = config.requireObject(\"awsAccessKeyId\");\nconst awsSecretAccessKey = config.requireObject(\"awsSecretAccessKey\");\nconst current = aws.getRegion({});\nconst s3Backups = new vault.RaftSnapshotAgentConfig(\"s3_backups\", {\n name: \"s3\",\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/path/in/bucket\",\n storageType: \"aws-s3\",\n awsS3Bucket: \"my-bucket\",\n awsS3Region: current.then(current =\u003e current.name),\n awsAccessKeyId: awsAccessKeyId,\n awsSecretAccessKey: awsSecretAccessKey,\n awsS3EnableKms: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\naws_access_key_id = config.require_object(\"awsAccessKeyId\")\naws_secret_access_key = config.require_object(\"awsSecretAccessKey\")\ncurrent = aws.get_region()\ns3_backups = vault.RaftSnapshotAgentConfig(\"s3_backups\",\n name=\"s3\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/path/in/bucket\",\n storage_type=\"aws-s3\",\n aws_s3_bucket=\"my-bucket\",\n aws_s3_region=current.name,\n aws_access_key_id=aws_access_key_id,\n aws_secret_access_key=aws_secret_access_key,\n aws_s3_enable_kms=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var awsAccessKeyId = config.RequireObject\u003cdynamic\u003e(\"awsAccessKeyId\");\n var awsSecretAccessKey = config.RequireObject\u003cdynamic\u003e(\"awsSecretAccessKey\");\n var current = Aws.GetRegion.Invoke();\n\n var s3Backups = new Vault.RaftSnapshotAgentConfig(\"s3_backups\", new()\n {\n Name = \"s3\",\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/path/in/bucket\",\n StorageType = \"aws-s3\",\n AwsS3Bucket = \"my-bucket\",\n AwsS3Region = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n AwsAccessKeyId = awsAccessKeyId,\n AwsSecretAccessKey = awsSecretAccessKey,\n AwsS3EnableKms = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tawsAccessKeyId := cfg.RequireObject(\"awsAccessKeyId\")\n\t\tawsSecretAccessKey := cfg.RequireObject(\"awsSecretAccessKey\")\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewRaftSnapshotAgentConfig(ctx, \"s3_backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tName: pulumi.String(\"s3\"),\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/path/in/bucket\"),\n\t\t\tStorageType: pulumi.String(\"aws-s3\"),\n\t\t\tAwsS3Bucket: pulumi.String(\"my-bucket\"),\n\t\t\tAwsS3Region: pulumi.String(current.Name),\n\t\t\tAwsAccessKeyId: pulumi.Any(awsAccessKeyId),\n\t\t\tAwsSecretAccessKey: pulumi.Any(awsSecretAccessKey),\n\t\t\tAwsS3EnableKms: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var awsAccessKeyId = config.get(\"awsAccessKeyId\");\n final var awsSecretAccessKey = config.get(\"awsSecretAccessKey\");\n final var current = AwsFunctions.getRegion();\n\n var s3Backups = new RaftSnapshotAgentConfig(\"s3Backups\", RaftSnapshotAgentConfigArgs.builder()\n .name(\"s3\")\n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/path/in/bucket\")\n .storageType(\"aws-s3\")\n .awsS3Bucket(\"my-bucket\")\n .awsS3Region(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .awsAccessKeyId(awsAccessKeyId)\n .awsSecretAccessKey(awsSecretAccessKey)\n .awsS3EnableKms(true)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n awsAccessKeyId:\n type: dynamic\n awsSecretAccessKey:\n type: dynamic\nresources:\n s3Backups:\n type: vault:RaftSnapshotAgentConfig\n name: s3_backups\n properties:\n name: s3\n intervalSeconds: 86400 # 24h\n retain: 7\n pathPrefix: /path/in/bucket\n storageType: aws-s3\n awsS3Bucket: my-bucket\n awsS3Region: ${current.name}\n awsAccessKeyId: ${awsAccessKeyId}\n awsSecretAccessKey: ${awsSecretAccessKey}\n awsS3EnableKms: true\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Azure BLOB\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst azureAccountName = config.requireObject(\"azureAccountName\");\nconst azureAccountKey = config.requireObject(\"azureAccountKey\");\nconst azureBackups = new vault.RaftSnapshotAgentConfig(\"azure_backups\", {\n name: \"azure_backup\",\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/\",\n storageType: \"azure-blob\",\n azureContainerName: \"vault-blob\",\n azureAccountName: azureAccountName,\n azureAccountKey: azureAccountKey,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nazure_account_name = config.require_object(\"azureAccountName\")\nazure_account_key = config.require_object(\"azureAccountKey\")\nazure_backups = vault.RaftSnapshotAgentConfig(\"azure_backups\",\n name=\"azure_backup\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/\",\n storage_type=\"azure-blob\",\n azure_container_name=\"vault-blob\",\n azure_account_name=azure_account_name,\n azure_account_key=azure_account_key)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var azureAccountName = config.RequireObject\u003cdynamic\u003e(\"azureAccountName\");\n var azureAccountKey = config.RequireObject\u003cdynamic\u003e(\"azureAccountKey\");\n var azureBackups = new Vault.RaftSnapshotAgentConfig(\"azure_backups\", new()\n {\n Name = \"azure_backup\",\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/\",\n StorageType = \"azure-blob\",\n AzureContainerName = \"vault-blob\",\n AzureAccountName = azureAccountName,\n AzureAccountKey = azureAccountKey,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tazureAccountName := cfg.RequireObject(\"azureAccountName\")\n\t\tazureAccountKey := cfg.RequireObject(\"azureAccountKey\")\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"azure_backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tName: pulumi.String(\"azure_backup\"),\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/\"),\n\t\t\tStorageType: pulumi.String(\"azure-blob\"),\n\t\t\tAzureContainerName: pulumi.String(\"vault-blob\"),\n\t\t\tAzureAccountName: pulumi.Any(azureAccountName),\n\t\t\tAzureAccountKey: pulumi.Any(azureAccountKey),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var azureAccountName = config.get(\"azureAccountName\");\n final var azureAccountKey = config.get(\"azureAccountKey\");\n var azureBackups = new RaftSnapshotAgentConfig(\"azureBackups\", RaftSnapshotAgentConfigArgs.builder()\n .name(\"azure_backup\")\n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/\")\n .storageType(\"azure-blob\")\n .azureContainerName(\"vault-blob\")\n .azureAccountName(azureAccountName)\n .azureAccountKey(azureAccountKey)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n azureAccountName:\n type: dynamic\n azureAccountKey:\n type: dynamic\nresources:\n azureBackups:\n type: vault:RaftSnapshotAgentConfig\n name: azure_backups\n properties:\n name: azure_backup\n intervalSeconds: 86400 # 24h\n retain: 7\n pathPrefix: /\n storageType: azure-blob\n azureContainerName: vault-blob\n azureAccountName: ${azureAccountName}\n azureAccountKey: ${azureAccountKey}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRaft Snapshot Agent Configurations can be imported using the `name`, e.g.\n\n```sh\n$ pulumi import vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig local local\n```\n", + "description": "## Example Usage\n\n#### Local Storage\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst localBackups = new vault.RaftSnapshotAgentConfig(\"local_backups\", {\n name: \"local\",\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/opt/vault/snapshots/\",\n storageType: \"local\",\n localMaxSpace: 10000000,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nlocal_backups = vault.RaftSnapshotAgentConfig(\"local_backups\",\n name=\"local\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/opt/vault/snapshots/\",\n storage_type=\"local\",\n local_max_space=10000000)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var localBackups = new Vault.RaftSnapshotAgentConfig(\"local_backups\", new()\n {\n Name = \"local\",\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/opt/vault/snapshots/\",\n StorageType = \"local\",\n LocalMaxSpace = 10000000,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"local_backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tName: pulumi.String(\"local\"),\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/opt/vault/snapshots/\"),\n\t\t\tStorageType: pulumi.String(\"local\"),\n\t\t\tLocalMaxSpace: pulumi.Int(10000000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var localBackups = new RaftSnapshotAgentConfig(\"localBackups\", RaftSnapshotAgentConfigArgs.builder()\n .name(\"local\")\n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/opt/vault/snapshots/\")\n .storageType(\"local\")\n .localMaxSpace(10000000)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n localBackups:\n type: vault:RaftSnapshotAgentConfig\n name: local_backups\n properties:\n name: local\n intervalSeconds: 86400 # 24h\n retain: 7\n pathPrefix: /opt/vault/snapshots/\n storageType: local\n localMaxSpace: 1e+07\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n#### AWS S3\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst awsAccessKeyId = config.requireObject(\"awsAccessKeyId\");\nconst awsSecretAccessKey = config.requireObject(\"awsSecretAccessKey\");\nconst current = aws.getRegion({});\nconst s3Backups = new vault.RaftSnapshotAgentConfig(\"s3_backups\", {\n name: \"s3\",\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/path/in/bucket\",\n storageType: \"aws-s3\",\n awsS3Bucket: \"my-bucket\",\n awsS3Region: current.then(current =\u003e current.name),\n awsAccessKeyId: awsAccessKeyId,\n awsSecretAccessKey: awsSecretAccessKey,\n awsS3EnableKms: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\naws_access_key_id = config.require_object(\"awsAccessKeyId\")\naws_secret_access_key = config.require_object(\"awsSecretAccessKey\")\ncurrent = aws.get_region()\ns3_backups = vault.RaftSnapshotAgentConfig(\"s3_backups\",\n name=\"s3\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/path/in/bucket\",\n storage_type=\"aws-s3\",\n aws_s3_bucket=\"my-bucket\",\n aws_s3_region=current.name,\n aws_access_key_id=aws_access_key_id,\n aws_secret_access_key=aws_secret_access_key,\n aws_s3_enable_kms=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var awsAccessKeyId = config.RequireObject\u003cdynamic\u003e(\"awsAccessKeyId\");\n var awsSecretAccessKey = config.RequireObject\u003cdynamic\u003e(\"awsSecretAccessKey\");\n var current = Aws.GetRegion.Invoke();\n\n var s3Backups = new Vault.RaftSnapshotAgentConfig(\"s3_backups\", new()\n {\n Name = \"s3\",\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/path/in/bucket\",\n StorageType = \"aws-s3\",\n AwsS3Bucket = \"my-bucket\",\n AwsS3Region = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n AwsAccessKeyId = awsAccessKeyId,\n AwsSecretAccessKey = awsSecretAccessKey,\n AwsS3EnableKms = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tawsAccessKeyId := cfg.RequireObject(\"awsAccessKeyId\")\n\t\tawsSecretAccessKey := cfg.RequireObject(\"awsSecretAccessKey\")\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewRaftSnapshotAgentConfig(ctx, \"s3_backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tName: pulumi.String(\"s3\"),\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/path/in/bucket\"),\n\t\t\tStorageType: pulumi.String(\"aws-s3\"),\n\t\t\tAwsS3Bucket: pulumi.String(\"my-bucket\"),\n\t\t\tAwsS3Region: pulumi.String(current.Name),\n\t\t\tAwsAccessKeyId: pulumi.Any(awsAccessKeyId),\n\t\t\tAwsSecretAccessKey: pulumi.Any(awsSecretAccessKey),\n\t\t\tAwsS3EnableKms: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var awsAccessKeyId = config.get(\"awsAccessKeyId\");\n final var awsSecretAccessKey = config.get(\"awsSecretAccessKey\");\n final var current = AwsFunctions.getRegion();\n\n var s3Backups = new RaftSnapshotAgentConfig(\"s3Backups\", RaftSnapshotAgentConfigArgs.builder()\n .name(\"s3\")\n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/path/in/bucket\")\n .storageType(\"aws-s3\")\n .awsS3Bucket(\"my-bucket\")\n .awsS3Region(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .awsAccessKeyId(awsAccessKeyId)\n .awsSecretAccessKey(awsSecretAccessKey)\n .awsS3EnableKms(true)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n awsAccessKeyId:\n type: dynamic\n awsSecretAccessKey:\n type: dynamic\nresources:\n s3Backups:\n type: vault:RaftSnapshotAgentConfig\n name: s3_backups\n properties:\n name: s3\n intervalSeconds: 86400 # 24h\n retain: 7\n pathPrefix: /path/in/bucket\n storageType: aws-s3\n awsS3Bucket: my-bucket\n awsS3Region: ${current.name}\n awsAccessKeyId: ${awsAccessKeyId}\n awsSecretAccessKey: ${awsSecretAccessKey}\n awsS3EnableKms: true\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n#### Azure BLOB\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst azureAccountName = config.requireObject(\"azureAccountName\");\nconst azureAccountKey = config.requireObject(\"azureAccountKey\");\nconst azureBackups = new vault.RaftSnapshotAgentConfig(\"azure_backups\", {\n name: \"azure_backup\",\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/\",\n storageType: \"azure-blob\",\n azureContainerName: \"vault-blob\",\n azureAccountName: azureAccountName,\n azureAccountKey: azureAccountKey,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nazure_account_name = config.require_object(\"azureAccountName\")\nazure_account_key = config.require_object(\"azureAccountKey\")\nazure_backups = vault.RaftSnapshotAgentConfig(\"azure_backups\",\n name=\"azure_backup\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/\",\n storage_type=\"azure-blob\",\n azure_container_name=\"vault-blob\",\n azure_account_name=azure_account_name,\n azure_account_key=azure_account_key)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var azureAccountName = config.RequireObject\u003cdynamic\u003e(\"azureAccountName\");\n var azureAccountKey = config.RequireObject\u003cdynamic\u003e(\"azureAccountKey\");\n var azureBackups = new Vault.RaftSnapshotAgentConfig(\"azure_backups\", new()\n {\n Name = \"azure_backup\",\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/\",\n StorageType = \"azure-blob\",\n AzureContainerName = \"vault-blob\",\n AzureAccountName = azureAccountName,\n AzureAccountKey = azureAccountKey,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tazureAccountName := cfg.RequireObject(\"azureAccountName\")\n\t\tazureAccountKey := cfg.RequireObject(\"azureAccountKey\")\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"azure_backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tName: pulumi.String(\"azure_backup\"),\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/\"),\n\t\t\tStorageType: pulumi.String(\"azure-blob\"),\n\t\t\tAzureContainerName: pulumi.String(\"vault-blob\"),\n\t\t\tAzureAccountName: pulumi.Any(azureAccountName),\n\t\t\tAzureAccountKey: pulumi.Any(azureAccountKey),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var azureAccountName = config.get(\"azureAccountName\");\n final var azureAccountKey = config.get(\"azureAccountKey\");\n var azureBackups = new RaftSnapshotAgentConfig(\"azureBackups\", RaftSnapshotAgentConfigArgs.builder()\n .name(\"azure_backup\")\n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/\")\n .storageType(\"azure-blob\")\n .azureContainerName(\"vault-blob\")\n .azureAccountName(azureAccountName)\n .azureAccountKey(azureAccountKey)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n azureAccountName:\n type: dynamic\n azureAccountKey:\n type: dynamic\nresources:\n azureBackups:\n type: vault:RaftSnapshotAgentConfig\n name: azure_backups\n properties:\n name: azure_backup\n intervalSeconds: 86400 # 24h\n retain: 7\n pathPrefix: /\n storageType: azure-blob\n azureContainerName: vault-blob\n azureAccountName: ${azureAccountName}\n azureAccountKey: ${azureAccountKey}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nRaft Snapshot Agent Configurations can be imported using the `name`, e.g.\n\n```sh\n$ pulumi import vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig local local\n```\n", "properties": { "awsAccessKeyId": { "type": "string", @@ -19582,7 +19582,7 @@ }, "maxAge": { "type": "integer", - "description": "Specifies the allowable elapsed time in seconds since the last time \nthe user was actively authenticated with the OIDC provider.\n" + "description": "Specifies the allowable elapsed time in seconds since the last time\nthe user was actively authenticated with the OIDC provider.\n" }, "namespace": { "type": "string", @@ -19728,7 +19728,7 @@ }, "maxAge": { "type": "integer", - "description": "Specifies the allowable elapsed time in seconds since the last time \nthe user was actively authenticated with the OIDC provider.\n" + "description": "Specifies the allowable elapsed time in seconds since the last time\nthe user was actively authenticated with the OIDC provider.\n" }, "namespace": { "type": "string", @@ -19877,7 +19877,7 @@ }, "maxAge": { "type": "integer", - "description": "Specifies the allowable elapsed time in seconds since the last time \nthe user was actively authenticated with the OIDC provider.\n" + "description": "Specifies the allowable elapsed time in seconds since the last time\nthe user was actively authenticated with the OIDC provider.\n" }, "namespace": { "type": "string", @@ -21000,7 +21000,7 @@ }, "disableLocalCaJwt": { "type": "boolean", - "description": "Disable defaulting to the local CA certificate and \nservice account JWT when Vault is running in a Kubernetes pod.\n" + "description": "Disable defaulting to the local CA certificate and\nservice account JWT when Vault is running in a Kubernetes pod.\n" }, "externalEntropyAccess": { "type": "boolean", @@ -21012,11 +21012,11 @@ }, "kubernetesCaCert": { "type": "string", - "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" + "description": "A PEM-encoded CA certificate used by the\nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" }, "kubernetesHost": { "type": "string", - "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" + "description": "The Kubernetes API URL to connect to. Required if the\nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" }, "listingVisibility": { "type": "string", @@ -21121,7 +21121,7 @@ }, "disableLocalCaJwt": { "type": "boolean", - "description": "Disable defaulting to the local CA certificate and \nservice account JWT when Vault is running in a Kubernetes pod.\n" + "description": "Disable defaulting to the local CA certificate and\nservice account JWT when Vault is running in a Kubernetes pod.\n" }, "externalEntropyAccess": { "type": "boolean", @@ -21134,11 +21134,11 @@ }, "kubernetesCaCert": { "type": "string", - "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" + "description": "A PEM-encoded CA certificate used by the\nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" }, "kubernetesHost": { "type": "string", - "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" + "description": "The Kubernetes API URL to connect to. Required if the\nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" }, "listingVisibility": { "type": "string", @@ -21246,7 +21246,7 @@ }, "disableLocalCaJwt": { "type": "boolean", - "description": "Disable defaulting to the local CA certificate and \nservice account JWT when Vault is running in a Kubernetes pod.\n" + "description": "Disable defaulting to the local CA certificate and\nservice account JWT when Vault is running in a Kubernetes pod.\n" }, "externalEntropyAccess": { "type": "boolean", @@ -21259,11 +21259,11 @@ }, "kubernetesCaCert": { "type": "string", - "description": "A PEM-encoded CA certificate used by the \nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" + "description": "A PEM-encoded CA certificate used by the\nsecrets engine to verify the Kubernetes API server certificate. Defaults to the local\npod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where\nVault is running.\n" }, "kubernetesHost": { "type": "string", - "description": "The Kubernetes API URL to connect to. Required if the \nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" + "description": "The Kubernetes API URL to connect to. Required if the\nstandard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`\nare not set on the host that Vault is running on.\n" }, "listingVisibility": { "type": "string", @@ -21324,14 +21324,14 @@ "properties": { "allowedKubernetesNamespaceSelector": { "type": "string", - "description": "A label selector for Kubernetes namespaces \nin which credentials can be generated. Accepts either a JSON or YAML object. The value should be\nof type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).\nIf set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.\n" + "description": "A label selector for Kubernetes namespaces\nin which credentials can be generated. Accepts either a JSON or YAML object. The value should be\nof type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).\nIf set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.\n" }, "allowedKubernetesNamespaces": { "type": "array", "items": { "type": "string" }, - "description": "The list of Kubernetes namespaces this role \ncan generate credentials for. If set to `*` all namespaces are allowed. If set with\n`allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.\n" + "description": "The list of Kubernetes namespaces this role\ncan generate credentials for. If set to `*` all namespaces are allowed. If set with\n`allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.\n" }, "backend": { "type": "string", @@ -21342,26 +21342,26 @@ "additionalProperties": { "type": "string" }, - "description": "Additional annotations to apply to all generated \nKubernetes objects.\n" + "description": "Additional annotations to apply to all generated\nKubernetes objects.\n" }, "extraLabels": { "type": "object", "additionalProperties": { "type": "string" }, - "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" + "description": "Additional labels to apply to all generated Kubernetes\nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" }, "generatedRoleRules": { "type": "string", - "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" + "description": "The Role or ClusterRole rules to use when generating\na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" }, "kubernetesRoleName": { "type": "string", - "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" + "description": "The pre-existing Role or ClusterRole to bind a\ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" }, "kubernetesRoleType": { "type": "string", - "description": "Specifies whether the Kubernetes role is a Role or \nClusterRole.\n" + "description": "Specifies whether the Kubernetes role is a Role or\nClusterRole.\n" }, "name": { "type": "string", @@ -21369,7 +21369,7 @@ }, "nameTemplate": { "type": "string", - "description": "The name template to use when generating service accounts, \nroles and role bindings. If unset, a default template is used.\n" + "description": "The name template to use when generating service accounts,\nroles and role bindings. If unset, a default template is used.\n" }, "namespace": { "type": "string", @@ -21395,14 +21395,14 @@ "inputProperties": { "allowedKubernetesNamespaceSelector": { "type": "string", - "description": "A label selector for Kubernetes namespaces \nin which credentials can be generated. Accepts either a JSON or YAML object. The value should be\nof type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).\nIf set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.\n" + "description": "A label selector for Kubernetes namespaces\nin which credentials can be generated. Accepts either a JSON or YAML object. The value should be\nof type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).\nIf set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.\n" }, "allowedKubernetesNamespaces": { "type": "array", "items": { "type": "string" }, - "description": "The list of Kubernetes namespaces this role \ncan generate credentials for. If set to `*` all namespaces are allowed. If set with\n`allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.\n" + "description": "The list of Kubernetes namespaces this role\ncan generate credentials for. If set to `*` all namespaces are allowed. If set with\n`allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.\n" }, "backend": { "type": "string", @@ -21414,26 +21414,26 @@ "additionalProperties": { "type": "string" }, - "description": "Additional annotations to apply to all generated \nKubernetes objects.\n" + "description": "Additional annotations to apply to all generated\nKubernetes objects.\n" }, "extraLabels": { "type": "object", "additionalProperties": { "type": "string" }, - "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" + "description": "Additional labels to apply to all generated Kubernetes\nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" }, "generatedRoleRules": { "type": "string", - "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" + "description": "The Role or ClusterRole rules to use when generating\na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" }, "kubernetesRoleName": { "type": "string", - "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" + "description": "The pre-existing Role or ClusterRole to bind a\ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" }, "kubernetesRoleType": { "type": "string", - "description": "Specifies whether the Kubernetes role is a Role or \nClusterRole.\n" + "description": "Specifies whether the Kubernetes role is a Role or\nClusterRole.\n" }, "name": { "type": "string", @@ -21442,7 +21442,7 @@ }, "nameTemplate": { "type": "string", - "description": "The name template to use when generating service accounts, \nroles and role bindings. If unset, a default template is used.\n" + "description": "The name template to use when generating service accounts,\nroles and role bindings. If unset, a default template is used.\n" }, "namespace": { "type": "string", @@ -21470,14 +21470,14 @@ "properties": { "allowedKubernetesNamespaceSelector": { "type": "string", - "description": "A label selector for Kubernetes namespaces \nin which credentials can be generated. Accepts either a JSON or YAML object. The value should be\nof type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).\nIf set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.\n" + "description": "A label selector for Kubernetes namespaces\nin which credentials can be generated. Accepts either a JSON or YAML object. The value should be\nof type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).\nIf set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.\n" }, "allowedKubernetesNamespaces": { "type": "array", "items": { "type": "string" }, - "description": "The list of Kubernetes namespaces this role \ncan generate credentials for. If set to `*` all namespaces are allowed. If set with\n`allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.\n" + "description": "The list of Kubernetes namespaces this role\ncan generate credentials for. If set to `*` all namespaces are allowed. If set with\n`allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.\n" }, "backend": { "type": "string", @@ -21489,26 +21489,26 @@ "additionalProperties": { "type": "string" }, - "description": "Additional annotations to apply to all generated \nKubernetes objects.\n" + "description": "Additional annotations to apply to all generated\nKubernetes objects.\n" }, "extraLabels": { "type": "object", "additionalProperties": { "type": "string" }, - "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" + "description": "Additional labels to apply to all generated Kubernetes\nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" }, "generatedRoleRules": { "type": "string", - "description": "The Role or ClusterRole rules to use when generating \na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" + "description": "The Role or ClusterRole rules to use when generating\na role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`\nand `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated\nwhen credentials are requested.\n" }, "kubernetesRoleName": { "type": "string", - "description": "The pre-existing Role or ClusterRole to bind a \ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" + "description": "The pre-existing Role or ClusterRole to bind a\ngenerated service account to. Mutually exclusive with `service_account_name` and\n`generated_role_rules`. If set, Kubernetes token, service account, and role\nbinding objects will be created when credentials are requested.\n" }, "kubernetesRoleType": { "type": "string", - "description": "Specifies whether the Kubernetes role is a Role or \nClusterRole.\n" + "description": "Specifies whether the Kubernetes role is a Role or\nClusterRole.\n" }, "name": { "type": "string", @@ -21517,7 +21517,7 @@ }, "nameTemplate": { "type": "string", - "description": "The name template to use when generating service accounts, \nroles and role bindings. If unset, a default template is used.\n" + "description": "The name template to use when generating service accounts,\nroles and role bindings. If unset, a default template is used.\n" }, "namespace": { "type": "string", @@ -23715,7 +23715,7 @@ }, "organizationId": { "type": "string", - "description": "Unique identifier for the organization to which the target API Key belongs. \nRequired if `project_id` is not set.\n" + "description": "Unique identifier for the organization to which the target API Key belongs.\nRequired if `project_id` is not set.\n" }, "projectId": { "type": "string", @@ -23780,7 +23780,7 @@ }, "organizationId": { "type": "string", - "description": "Unique identifier for the organization to which the target API Key belongs. \nRequired if `project_id` is not set.\n" + "description": "Unique identifier for the organization to which the target API Key belongs.\nRequired if `project_id` is not set.\n" }, "projectId": { "type": "string", @@ -23846,7 +23846,7 @@ }, "organizationId": { "type": "string", - "description": "Unique identifier for the organization to which the target API Key belongs. \nRequired if `project_id` is not set.\n" + "description": "Unique identifier for the organization to which the target API Key belongs.\nRequired if `project_id` is not set.\n" }, "projectId": { "type": "string", @@ -25277,7 +25277,7 @@ }, "enableDelta": { "type": "boolean", - "description": "Enables building of delta CRLs with up-to-date revocation information, \naugmenting the last complete CRL. **Vault 1.12+**\n" + "description": "Enables building of delta CRLs with up-to-date revocation information,\naugmenting the last complete CRL. **Vault 1.12+**\n" }, "expiry": { "type": "string", @@ -25293,7 +25293,7 @@ }, "ocspExpiry": { "type": "string", - "description": "The amount of time an OCSP response can be cached for, useful for OCSP stapling \nrefresh durations. **Vault 1.12+**\n" + "description": "The amount of time an OCSP response can be cached for, useful for OCSP stapling\nrefresh durations. **Vault 1.12+**\n" }, "unifiedCrl": { "type": "boolean", @@ -25341,7 +25341,7 @@ }, "enableDelta": { "type": "boolean", - "description": "Enables building of delta CRLs with up-to-date revocation information, \naugmenting the last complete CRL. **Vault 1.12+**\n" + "description": "Enables building of delta CRLs with up-to-date revocation information,\naugmenting the last complete CRL. **Vault 1.12+**\n" }, "expiry": { "type": "string", @@ -25358,7 +25358,7 @@ }, "ocspExpiry": { "type": "string", - "description": "The amount of time an OCSP response can be cached for, useful for OCSP stapling \nrefresh durations. **Vault 1.12+**\n" + "description": "The amount of time an OCSP response can be cached for, useful for OCSP stapling\nrefresh durations. **Vault 1.12+**\n" }, "unifiedCrl": { "type": "boolean", @@ -25402,7 +25402,7 @@ }, "enableDelta": { "type": "boolean", - "description": "Enables building of delta CRLs with up-to-date revocation information, \naugmenting the last complete CRL. **Vault 1.12+**\n" + "description": "Enables building of delta CRLs with up-to-date revocation information,\naugmenting the last complete CRL. **Vault 1.12+**\n" }, "expiry": { "type": "string", @@ -25419,7 +25419,7 @@ }, "ocspExpiry": { "type": "string", - "description": "The amount of time an OCSP response can be cached for, useful for OCSP stapling \nrefresh durations. **Vault 1.12+**\n" + "description": "The amount of time an OCSP response can be cached for, useful for OCSP stapling\nrefresh durations. **Vault 1.12+**\n" }, "unifiedCrl": { "type": "boolean", @@ -26204,7 +26204,7 @@ }, "keyBits": { "type": "integer", - "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n" + "description": "Specifies the number of bits to use for the generated keys.\nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n" }, "keyId": { "type": "string", @@ -26212,7 +26212,7 @@ }, "keyName": { "type": "string", - "description": "When a new key is created with this request, optionally specifies the name for this. \nThe global ref `default` may not be used as a name.\n" + "description": "When a new key is created with this request, optionally specifies the name for this.\nThe global ref `default` may not be used as a name.\n" }, "keyType": { "type": "string", @@ -26250,12 +26250,12 @@ }, "keyBits": { "type": "integer", - "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n", + "description": "Specifies the number of bits to use for the generated keys.\nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n", "willReplaceOnChanges": true }, "keyName": { "type": "string", - "description": "When a new key is created with this request, optionally specifies the name for this. \nThe global ref `default` may not be used as a name.\n" + "description": "When a new key is created with this request, optionally specifies the name for this.\nThe global ref `default` may not be used as a name.\n" }, "keyType": { "type": "string", @@ -26295,7 +26295,7 @@ }, "keyBits": { "type": "integer", - "description": "Specifies the number of bits to use for the generated keys. \nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n", + "description": "Specifies the number of bits to use for the generated keys.\nAllowed values are 0 (universal default); with `key_type=rsa`, allowed values are:\n2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),\n384, or 521; ignored with `key_type=ed25519`.\n", "willReplaceOnChanges": true }, "keyId": { @@ -26304,7 +26304,7 @@ }, "keyName": { "type": "string", - "description": "When a new key is created with this request, optionally specifies the name for this. \nThe global ref `default` may not be used as a name.\n" + "description": "When a new key is created with this request, optionally specifies the name for this.\nThe global ref `default` may not be used as a name.\n" }, "keyType": { "type": "string", @@ -27607,7 +27607,7 @@ }, "certificateBundle": { "type": "string", - "description": "The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). \nRequires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.\n" + "description": "The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).\nRequires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.\n" }, "commonName": { "type": "string", @@ -27887,7 +27887,7 @@ }, "certificateBundle": { "type": "string", - "description": "The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). \nRequires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.\n" + "description": "The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).\nRequires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.\n" }, "commonName": { "type": "string", @@ -28631,7 +28631,7 @@ } }, "vault:saml/authBackend:AuthBackend": { - "description": "Manages a SAML Auth mount in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/saml/) for more\ninformation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.saml.AuthBackend(\"test\", {\n path: \"saml\",\n idpMetadataUrl: \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entityId: \"https://my.vault/v1/auth/saml\",\n acsUrls: [\"https://my.vault.primary/v1/auth/saml/callback\"],\n defaultRole: \"admin\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.saml.AuthBackend(\"test\",\n path=\"saml\",\n idp_metadata_url=\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entity_id=\"https://my.vault/v1/auth/saml\",\n acs_urls=[\"https://my.vault.primary/v1/auth/saml/callback\"],\n default_role=\"admin\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Saml.AuthBackend(\"test\", new()\n {\n Path = \"saml\",\n IdpMetadataUrl = \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n EntityId = \"https://my.vault/v1/auth/saml\",\n AcsUrls = new[]\n {\n \"https://my.vault.primary/v1/auth/saml/callback\",\n },\n DefaultRole = \"admin\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/saml\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := saml.NewAuthBackend(ctx, \"test\", \u0026saml.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"saml\"),\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\"),\n\t\t\tEntityId: pulumi.String(\"https://my.vault/v1/auth/saml\"),\n\t\t\tAcsUrls: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://my.vault.primary/v1/auth/saml/callback\"),\n\t\t\t},\n\t\t\tDefaultRole: pulumi.String(\"admin\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.saml.AuthBackend;\nimport com.pulumi.vault.saml.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AuthBackend(\"test\", AuthBackendArgs.builder()\n .path(\"saml\")\n .idpMetadataUrl(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\")\n .entityId(\"https://my.vault/v1/auth/saml\")\n .acsUrls(\"https://my.vault.primary/v1/auth/saml/callback\")\n .defaultRole(\"admin\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:saml:AuthBackend\n properties:\n path: saml\n idpMetadataUrl: https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\n entityId: https://my.vault/v1/auth/saml\n acsUrls:\n - https://my.vault.primary/v1/auth/saml/callback\n defaultRole: admin\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSAML authentication mounts can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:saml/authBackend:AuthBackend example saml\n```\n", + "description": "layout: \"vault\"\npage_title: \"Vault: vault.saml.AuthBackend resource\"\nsidebar_current: \"docs-vault-saml-auth-backend\"\ndescription: |-\nManages SAML Auth mounts in Vault.\n\u003c!-- yaml: line 6: could not find expected ':' --\u003e\n\n# vault\\_saml\\_auth\\_backend\n\nManages a SAML Auth mount in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/saml/) for more\ninformation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.saml.AuthBackend(\"test\", {\n path: \"saml\",\n idpMetadataUrl: \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entityId: \"https://my.vault/v1/auth/saml\",\n acsUrls: [\"https://my.vault.primary/v1/auth/saml/callback\"],\n defaultRole: \"admin\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.saml.AuthBackend(\"test\",\n path=\"saml\",\n idp_metadata_url=\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entity_id=\"https://my.vault/v1/auth/saml\",\n acs_urls=[\"https://my.vault.primary/v1/auth/saml/callback\"],\n default_role=\"admin\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Saml.AuthBackend(\"test\", new()\n {\n Path = \"saml\",\n IdpMetadataUrl = \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n EntityId = \"https://my.vault/v1/auth/saml\",\n AcsUrls = new[]\n {\n \"https://my.vault.primary/v1/auth/saml/callback\",\n },\n DefaultRole = \"admin\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/saml\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := saml.NewAuthBackend(ctx, \"test\", \u0026saml.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"saml\"),\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\"),\n\t\t\tEntityId: pulumi.String(\"https://my.vault/v1/auth/saml\"),\n\t\t\tAcsUrls: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://my.vault.primary/v1/auth/saml/callback\"),\n\t\t\t},\n\t\t\tDefaultRole: pulumi.String(\"admin\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.saml.AuthBackend;\nimport com.pulumi.vault.saml.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AuthBackend(\"test\", AuthBackendArgs.builder()\n .path(\"saml\")\n .idpMetadataUrl(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\")\n .entityId(\"https://my.vault/v1/auth/saml\")\n .acsUrls(\"https://my.vault.primary/v1/auth/saml/callback\")\n .defaultRole(\"admin\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:saml:AuthBackend\n properties:\n path: saml\n idpMetadataUrl: https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\n entityId: https://my.vault/v1/auth/saml\n acsUrls:\n - https://my.vault.primary/v1/auth/saml/callback\n defaultRole: admin\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSAML authentication mounts can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:saml/authBackend:AuthBackend example saml\n```\n", "properties": { "acsUrls": { "type": "array", @@ -28666,7 +28666,7 @@ }, "idpSsoUrl": { "type": "string", - "description": "The SSO URL of the identity provider. Mutually exclusive with \n`idp_metadata_url`.\n" + "description": "The SSO URL of the identity provider. Mutually exclusive with\n`idp_metadata_url`.\n" }, "namespace": { "type": "string", @@ -28720,7 +28720,7 @@ }, "idpSsoUrl": { "type": "string", - "description": "The SSO URL of the identity provider. Mutually exclusive with \n`idp_metadata_url`.\n" + "description": "The SSO URL of the identity provider. Mutually exclusive with\n`idp_metadata_url`.\n" }, "namespace": { "type": "string", @@ -28777,7 +28777,7 @@ }, "idpSsoUrl": { "type": "string", - "description": "The SSO URL of the identity provider. Mutually exclusive with \n`idp_metadata_url`.\n" + "description": "The SSO URL of the identity provider. Mutually exclusive with\n`idp_metadata_url`.\n" }, "namespace": { "type": "string", @@ -28798,7 +28798,7 @@ } }, "vault:saml/authBackendRole:AuthBackendRole": { - "description": "Manages an SAML auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/saml.html) for more\ninformation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.saml.AuthBackend(\"example\", {\n path: \"saml\",\n idpMetadataUrl: \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entityId: \"https://my.vault/v1/auth/saml\",\n acsUrls: [\"https://my.vault.primary/v1/auth/saml/callback\"],\n defaultRole: \"default-role\",\n});\nconst exampleAuthBackendRole = new vault.saml.AuthBackendRole(\"example\", {\n path: example.path,\n name: \"my-role\",\n groupsAttribute: \"groups\",\n boundAttributes: {\n group: \"admin\",\n },\n boundSubjects: [\"*example.com\"],\n tokenPolicies: [\"writer\"],\n tokenTtl: 86400,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.saml.AuthBackend(\"example\",\n path=\"saml\",\n idp_metadata_url=\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entity_id=\"https://my.vault/v1/auth/saml\",\n acs_urls=[\"https://my.vault.primary/v1/auth/saml/callback\"],\n default_role=\"default-role\")\nexample_auth_backend_role = vault.saml.AuthBackendRole(\"example\",\n path=example.path,\n name=\"my-role\",\n groups_attribute=\"groups\",\n bound_attributes={\n \"group\": \"admin\",\n },\n bound_subjects=[\"*example.com\"],\n token_policies=[\"writer\"],\n token_ttl=86400)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Saml.AuthBackend(\"example\", new()\n {\n Path = \"saml\",\n IdpMetadataUrl = \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n EntityId = \"https://my.vault/v1/auth/saml\",\n AcsUrls = new[]\n {\n \"https://my.vault.primary/v1/auth/saml/callback\",\n },\n DefaultRole = \"default-role\",\n });\n\n var exampleAuthBackendRole = new Vault.Saml.AuthBackendRole(\"example\", new()\n {\n Path = example.Path,\n Name = \"my-role\",\n GroupsAttribute = \"groups\",\n BoundAttributes = \n {\n { \"group\", \"admin\" },\n },\n BoundSubjects = new[]\n {\n \"*example.com\",\n },\n TokenPolicies = new[]\n {\n \"writer\",\n },\n TokenTtl = 86400,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/saml\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := saml.NewAuthBackend(ctx, \"example\", \u0026saml.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"saml\"),\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\"),\n\t\t\tEntityId: pulumi.String(\"https://my.vault/v1/auth/saml\"),\n\t\t\tAcsUrls: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://my.vault.primary/v1/auth/saml/callback\"),\n\t\t\t},\n\t\t\tDefaultRole: pulumi.String(\"default-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = saml.NewAuthBackendRole(ctx, \"example\", \u0026saml.AuthBackendRoleArgs{\n\t\t\tPath: example.Path,\n\t\t\tName: pulumi.String(\"my-role\"),\n\t\t\tGroupsAttribute: pulumi.String(\"groups\"),\n\t\t\tBoundAttributes: pulumi.StringMap{\n\t\t\t\t\"group\": pulumi.String(\"admin\"),\n\t\t\t},\n\t\t\tBoundSubjects: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*example.com\"),\n\t\t\t},\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"writer\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.saml.AuthBackend;\nimport com.pulumi.vault.saml.AuthBackendArgs;\nimport com.pulumi.vault.saml.AuthBackendRole;\nimport com.pulumi.vault.saml.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder()\n .path(\"saml\")\n .idpMetadataUrl(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\")\n .entityId(\"https://my.vault/v1/auth/saml\")\n .acsUrls(\"https://my.vault.primary/v1/auth/saml/callback\")\n .defaultRole(\"default-role\")\n .build());\n\n var exampleAuthBackendRole = new AuthBackendRole(\"exampleAuthBackendRole\", AuthBackendRoleArgs.builder()\n .path(example.path())\n .name(\"my-role\")\n .groupsAttribute(\"groups\")\n .boundAttributes(Map.of(\"group\", \"admin\"))\n .boundSubjects(\"*example.com\")\n .tokenPolicies(\"writer\")\n .tokenTtl(86400)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:saml:AuthBackend\n properties:\n path: saml\n idpMetadataUrl: https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\n entityId: https://my.vault/v1/auth/saml\n acsUrls:\n - https://my.vault.primary/v1/auth/saml/callback\n defaultRole: default-role\n exampleAuthBackendRole:\n type: vault:saml:AuthBackendRole\n name: example\n properties:\n path: ${example.path}\n name: my-role\n groupsAttribute: groups\n boundAttributes:\n group: admin\n boundSubjects:\n - '*example.com'\n tokenPolicies:\n - writer\n tokenTtl: 86400\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSAML authentication backend roles can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role\n```\n", + "description": "layout: \"vault\"\npage_title: \"Vault: vault.saml.AuthBackendRole resource\"\nsidebar_current: \"docs-vault-resource-saml-auth-backend-role\"\ndescription: |-\nManages SAML auth backend roles in Vault.\n\u003c!-- yaml: line 6: could not find expected ':' --\u003e\n\n# vault\\_saml\\_auth\\_backend\\_role\n\nManages an SAML auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/saml.html) for more\ninformation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.saml.AuthBackend(\"example\", {\n path: \"saml\",\n idpMetadataUrl: \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entityId: \"https://my.vault/v1/auth/saml\",\n acsUrls: [\"https://my.vault.primary/v1/auth/saml/callback\"],\n defaultRole: \"default-role\",\n});\nconst exampleAuthBackendRole = new vault.saml.AuthBackendRole(\"example\", {\n path: example.path,\n name: \"my-role\",\n groupsAttribute: \"groups\",\n boundAttributes: {\n group: \"admin\",\n },\n boundSubjects: [\"*example.com\"],\n tokenPolicies: [\"writer\"],\n tokenTtl: 86400,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.saml.AuthBackend(\"example\",\n path=\"saml\",\n idp_metadata_url=\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entity_id=\"https://my.vault/v1/auth/saml\",\n acs_urls=[\"https://my.vault.primary/v1/auth/saml/callback\"],\n default_role=\"default-role\")\nexample_auth_backend_role = vault.saml.AuthBackendRole(\"example\",\n path=example.path,\n name=\"my-role\",\n groups_attribute=\"groups\",\n bound_attributes={\n \"group\": \"admin\",\n },\n bound_subjects=[\"*example.com\"],\n token_policies=[\"writer\"],\n token_ttl=86400)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Saml.AuthBackend(\"example\", new()\n {\n Path = \"saml\",\n IdpMetadataUrl = \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n EntityId = \"https://my.vault/v1/auth/saml\",\n AcsUrls = new[]\n {\n \"https://my.vault.primary/v1/auth/saml/callback\",\n },\n DefaultRole = \"default-role\",\n });\n\n var exampleAuthBackendRole = new Vault.Saml.AuthBackendRole(\"example\", new()\n {\n Path = example.Path,\n Name = \"my-role\",\n GroupsAttribute = \"groups\",\n BoundAttributes = \n {\n { \"group\", \"admin\" },\n },\n BoundSubjects = new[]\n {\n \"*example.com\",\n },\n TokenPolicies = new[]\n {\n \"writer\",\n },\n TokenTtl = 86400,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/saml\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := saml.NewAuthBackend(ctx, \"example\", \u0026saml.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"saml\"),\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\"),\n\t\t\tEntityId: pulumi.String(\"https://my.vault/v1/auth/saml\"),\n\t\t\tAcsUrls: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://my.vault.primary/v1/auth/saml/callback\"),\n\t\t\t},\n\t\t\tDefaultRole: pulumi.String(\"default-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = saml.NewAuthBackendRole(ctx, \"example\", \u0026saml.AuthBackendRoleArgs{\n\t\t\tPath: example.Path,\n\t\t\tName: pulumi.String(\"my-role\"),\n\t\t\tGroupsAttribute: pulumi.String(\"groups\"),\n\t\t\tBoundAttributes: pulumi.StringMap{\n\t\t\t\t\"group\": pulumi.String(\"admin\"),\n\t\t\t},\n\t\t\tBoundSubjects: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*example.com\"),\n\t\t\t},\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"writer\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.saml.AuthBackend;\nimport com.pulumi.vault.saml.AuthBackendArgs;\nimport com.pulumi.vault.saml.AuthBackendRole;\nimport com.pulumi.vault.saml.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder()\n .path(\"saml\")\n .idpMetadataUrl(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\")\n .entityId(\"https://my.vault/v1/auth/saml\")\n .acsUrls(\"https://my.vault.primary/v1/auth/saml/callback\")\n .defaultRole(\"default-role\")\n .build());\n\n var exampleAuthBackendRole = new AuthBackendRole(\"exampleAuthBackendRole\", AuthBackendRoleArgs.builder()\n .path(example.path())\n .name(\"my-role\")\n .groupsAttribute(\"groups\")\n .boundAttributes(Map.of(\"group\", \"admin\"))\n .boundSubjects(\"*example.com\")\n .tokenPolicies(\"writer\")\n .tokenTtl(86400)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:saml:AuthBackend\n properties:\n path: saml\n idpMetadataUrl: https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\n entityId: https://my.vault/v1/auth/saml\n acsUrls:\n - https://my.vault.primary/v1/auth/saml/callback\n defaultRole: default-role\n exampleAuthBackendRole:\n type: vault:saml:AuthBackendRole\n name: example\n properties:\n path: ${example.path}\n name: my-role\n groupsAttribute: groups\n boundAttributes:\n group: admin\n boundSubjects:\n - '*example.com'\n tokenPolicies:\n - writer\n tokenTtl: 86400\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSAML authentication backend roles can be imported using the `path`, e.g.\n\n```sh\n$ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role\n```\n", "properties": { "boundAttributes": { "type": "object", @@ -29194,7 +29194,7 @@ }, "granularity": { "type": "string", - "description": "Determines what level of information is synced as a distinct resource \nat the destination. Supports `secret-path` and `secret-key`.\n" + "description": "Determines what level of information is synced as a distinct resource\nat the destination. Supports `secret-path` and `secret-key`.\n" }, "name": { "type": "string", @@ -29210,7 +29210,7 @@ }, "roleArn": { "type": "string", - "description": "Specifies a role to assume when connecting to AWS. When assuming a role, \nVault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must\nexist for Vault to be able to assume this role. The role can be in a different account.\nThe value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.\nIt is possible to provide both an access key pair and a role to assume.\n" + "description": "Specifies a role to assume when connecting to AWS. When assuming a role,\nVault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must\nexist for Vault to be able to assume this role. The role can be in a different account.\nThe value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.\nIt is possible to provide both an access key pair and a role to assume.\n" }, "secretAccessKey": { "type": "string", @@ -29249,7 +29249,7 @@ }, "granularity": { "type": "string", - "description": "Determines what level of information is synced as a distinct resource \nat the destination. Supports `secret-path` and `secret-key`.\n" + "description": "Determines what level of information is synced as a distinct resource\nat the destination. Supports `secret-path` and `secret-key`.\n" }, "name": { "type": "string", @@ -29268,7 +29268,7 @@ }, "roleArn": { "type": "string", - "description": "Specifies a role to assume when connecting to AWS. When assuming a role, \nVault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must\nexist for Vault to be able to assume this role. The role can be in a different account.\nThe value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.\nIt is possible to provide both an access key pair and a role to assume.\n" + "description": "Specifies a role to assume when connecting to AWS. When assuming a role,\nVault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must\nexist for Vault to be able to assume this role. The role can be in a different account.\nThe value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.\nIt is possible to provide both an access key pair and a role to assume.\n" }, "secretAccessKey": { "type": "string", @@ -29300,7 +29300,7 @@ }, "granularity": { "type": "string", - "description": "Determines what level of information is synced as a distinct resource \nat the destination. Supports `secret-path` and `secret-key`.\n" + "description": "Determines what level of information is synced as a distinct resource\nat the destination. Supports `secret-path` and `secret-key`.\n" }, "name": { "type": "string", @@ -29319,7 +29319,7 @@ }, "roleArn": { "type": "string", - "description": "Specifies a role to assume when connecting to AWS. When assuming a role, \nVault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must\nexist for Vault to be able to assume this role. The role can be in a different account.\nThe value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.\nIt is possible to provide both an access key pair and a role to assume.\n" + "description": "Specifies a role to assume when connecting to AWS. When assuming a role,\nVault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must\nexist for Vault to be able to assume this role. The role can be in a different account.\nThe value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.\nIt is possible to provide both an access key pair and a role to assume.\n" }, "secretAccessKey": { "type": "string", @@ -29509,7 +29509,7 @@ } }, "vault:secrets/syncConfig:SyncConfig": { - "description": "Configures the secret sync global config. \nThe config is global and can only be managed in the root namespace.\n\n\u003e **Important** The config is global so the vault.secrets.SyncConfig resource must not be defined\nmultiple times for the same Vault server. If multiple definition exists, the last one applied will be\neffective.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst globalConfig = new vault.secrets.SyncConfig(\"global_config\", {\n disabled: true,\n queueCapacity: 500000,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_config = vault.secrets.SyncConfig(\"global_config\",\n disabled=True,\n queue_capacity=500000)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var globalConfig = new Vault.Secrets.SyncConfig(\"global_config\", new()\n {\n Disabled = true,\n QueueCapacity = 500000,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/secrets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secrets.NewSyncConfig(ctx, \"global_config\", \u0026secrets.SyncConfigArgs{\n\t\t\tDisabled: pulumi.Bool(true),\n\t\t\tQueueCapacity: pulumi.Int(500000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.secrets.SyncConfig;\nimport com.pulumi.vault.secrets.SyncConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var globalConfig = new SyncConfig(\"globalConfig\", SyncConfigArgs.builder()\n .disabled(true)\n .queueCapacity(500000)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n globalConfig:\n type: vault:secrets:SyncConfig\n name: global_config\n properties:\n disabled: true\n queueCapacity: 500000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import vault:secrets/syncConfig:SyncConfig config global_config\n```\n", + "description": "Configures the secret sync global config.\nThe config is global and can only be managed in the root namespace.\n\n\u003e **Important** The config is global so the vault.secrets.SyncConfig resource must not be defined\nmultiple times for the same Vault server. If multiple definition exists, the last one applied will be\neffective.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst globalConfig = new vault.secrets.SyncConfig(\"global_config\", {\n disabled: true,\n queueCapacity: 500000,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_config = vault.secrets.SyncConfig(\"global_config\",\n disabled=True,\n queue_capacity=500000)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var globalConfig = new Vault.Secrets.SyncConfig(\"global_config\", new()\n {\n Disabled = true,\n QueueCapacity = 500000,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/secrets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := secrets.NewSyncConfig(ctx, \"global_config\", \u0026secrets.SyncConfigArgs{\n\t\t\tDisabled: pulumi.Bool(true),\n\t\t\tQueueCapacity: pulumi.Int(500000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.secrets.SyncConfig;\nimport com.pulumi.vault.secrets.SyncConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var globalConfig = new SyncConfig(\"globalConfig\", SyncConfigArgs.builder()\n .disabled(true)\n .queueCapacity(500000)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n globalConfig:\n type: vault:secrets:SyncConfig\n name: global_config\n properties:\n disabled: true\n queueCapacity: 500000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import vault:secrets/syncConfig:SyncConfig config global_config\n```\n", "properties": { "disabled": { "type": "boolean", @@ -29698,7 +29698,7 @@ }, "appName": { "type": "string", - "description": "The user-defined name of the GitHub App configuration. This is a reference to the name used \non the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.\nTakes precedence over the `access_token` field.\n" + "description": "The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.\nTakes precedence over the `access_token` field.\n" }, "granularity": { "type": "string", @@ -29706,7 +29706,7 @@ }, "installationId": { "type": "integer", - "description": "The ID of the installation generated by GitHub when the app referenced by the `app_name` \nwas installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.\n" + "description": "The ID of the installation generated by GitHub when the app referenced by the `app_name`\nwas installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.\n" }, "name": { "type": "string", @@ -29746,7 +29746,7 @@ }, "appName": { "type": "string", - "description": "The user-defined name of the GitHub App configuration. This is a reference to the name used \non the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.\nTakes precedence over the `access_token` field.\n" + "description": "The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.\nTakes precedence over the `access_token` field.\n" }, "granularity": { "type": "string", @@ -29754,7 +29754,7 @@ }, "installationId": { "type": "integer", - "description": "The ID of the installation generated by GitHub when the app referenced by the `app_name` \nwas installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.\n" + "description": "The ID of the installation generated by GitHub when the app referenced by the `app_name`\nwas installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.\n" }, "name": { "type": "string", @@ -29791,7 +29791,7 @@ }, "appName": { "type": "string", - "description": "The user-defined name of the GitHub App configuration. This is a reference to the name used \non the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.\nTakes precedence over the `access_token` field.\n" + "description": "The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.\nTakes precedence over the `access_token` field.\n" }, "granularity": { "type": "string", @@ -29799,7 +29799,7 @@ }, "installationId": { "type": "integer", - "description": "The ID of the installation generated by GitHub when the app referenced by the `app_name` \nwas installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.\n" + "description": "The ID of the installation generated by GitHub when the app referenced by the `app_name`\nwas installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.\n" }, "name": { "type": "string", @@ -30237,7 +30237,7 @@ "items": { "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" }, - "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + "description": "Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*\n" }, "allowedUsers": { "type": "string", @@ -30362,7 +30362,7 @@ "items": { "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" }, - "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + "description": "Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*\n" }, "allowedUsers": { "type": "string", @@ -30486,7 +30486,7 @@ "items": { "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" }, - "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + "description": "Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*\n" }, "allowedUsers": { "type": "string", @@ -30683,7 +30683,7 @@ }, "leaseId": { "type": "string", - "description": "The lease associated with the token. Only user tokens will have a \nVault lease associated with them.\n", + "description": "The lease associated with the token. Only user tokens will have a\nVault lease associated with them.\n", "secret": true }, "namespace": { @@ -30709,7 +30709,7 @@ }, "tokenId": { "type": "string", - "description": "The public identifier for a specific token. It can be used \nto look up information about a token or to revoke a token.\n" + "description": "The public identifier for a specific token. It can be used\nto look up information about a token or to revoke a token.\n" } }, "required": [ @@ -30748,7 +30748,7 @@ }, "leaseId": { "type": "string", - "description": "The lease associated with the token. Only user tokens will have a \nVault lease associated with them.\n", + "description": "The lease associated with the token. Only user tokens will have a\nVault lease associated with them.\n", "secret": true }, "namespace": { @@ -30776,7 +30776,7 @@ }, "tokenId": { "type": "string", - "description": "The public identifier for a specific token. It can be used \nto look up information about a token or to revoke a token.\n" + "description": "The public identifier for a specific token. It can be used\nto look up information about a token or to revoke a token.\n" } }, "type": "object" @@ -30933,7 +30933,7 @@ }, "pathSuffix": { "type": "string", - "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n\n\u003e Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.\n" + "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n" }, "renewable": { "type": "boolean", @@ -31036,7 +31036,7 @@ }, "pathSuffix": { "type": "string", - "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n\n\u003e Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.\n" + "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n" }, "renewable": { "type": "boolean", @@ -31142,7 +31142,7 @@ }, "pathSuffix": { "type": "string", - "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n\n\u003e Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.\n" + "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n" }, "renewable": { "type": "boolean", @@ -31372,7 +31372,7 @@ } }, "vault:transform/template:Template": { - "description": "This resource supports the `/transform/template/{name}` Vault endpoint.\n\nIt creates or updates a template with the given name. If a template with the name does not exist,\nit will be created. If the template exists, it will be updated with the new attributes.\n\n\u003e Requires _Vault Enterprise with the Advanced Data Protection Transform Module_.\nSee [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform)\nfor more information.\n\n## Example Usage\n\nPlease note that the `pattern` below holds a regex. The regex shown\nis identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup)\ndocs, `(\\d{4})-(\\d{4})-(\\d{4})-(\\d{4})`. However, due to HCL, the\nbackslashes must be escaped to appear correctly in Vault. For further\nassistance escaping your own custom regex, see String Literals.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transform = new vault.Mount(\"transform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst numerics = new vault.transform.Alphabet(\"numerics\", {\n path: transform.path,\n name: \"numerics\",\n alphabet: \"0123456789\",\n});\nconst test = new vault.transform.Template(\"test\", {\n path: numerics.path,\n name: \"ccn\",\n type: \"regex\",\n pattern: \"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n alphabet: \"numerics\",\n encodeFormat: \"$1-$2-$3-$4\",\n decodeFormats: {\n \"last-four-digits\": \"$4\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransform = vault.Mount(\"transform\",\n path=\"transform\",\n type=\"transform\")\nnumerics = vault.transform.Alphabet(\"numerics\",\n path=transform.path,\n name=\"numerics\",\n alphabet=\"0123456789\")\ntest = vault.transform.Template(\"test\",\n path=numerics.path,\n name=\"ccn\",\n type=\"regex\",\n pattern=\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n alphabet=\"numerics\",\n encode_format=\"$1-$2-$3-$4\",\n decode_formats={\n \"last-four-digits\": \"$4\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transform = new Vault.Mount(\"transform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var numerics = new Vault.Transform.Alphabet(\"numerics\", new()\n {\n Path = transform.Path,\n Name = \"numerics\",\n AlphabetSet = \"0123456789\",\n });\n\n var test = new Vault.Transform.Template(\"test\", new()\n {\n Path = numerics.Path,\n Name = \"ccn\",\n Type = \"regex\",\n Pattern = \"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n Alphabet = \"numerics\",\n EncodeFormat = \"$1-$2-$3-$4\",\n DecodeFormats = \n {\n { \"last-four-digits\", \"$4\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransform, err := vault.NewMount(ctx, \"transform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnumerics, err := transform.NewAlphabet(ctx, \"numerics\", \u0026transform.AlphabetArgs{\n\t\t\tPath: transform.Path,\n\t\t\tName: pulumi.String(\"numerics\"),\n\t\t\tAlphabet: pulumi.String(\"0123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewTemplate(ctx, \"test\", \u0026transform.TemplateArgs{\n\t\t\tPath: numerics.Path,\n\t\t\tName: pulumi.String(\"ccn\"),\n\t\t\tType: pulumi.String(\"regex\"),\n\t\t\tPattern: pulumi.String(\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\"),\n\t\t\tAlphabet: pulumi.String(\"numerics\"),\n\t\t\tEncodeFormat: pulumi.String(\"$1-$2-$3-$4\"),\n\t\t\tDecodeFormats: pulumi.StringMap{\n\t\t\t\t\"last-four-digits\": pulumi.String(\"$4\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Alphabet;\nimport com.pulumi.vault.transform.AlphabetArgs;\nimport com.pulumi.vault.transform.Template;\nimport com.pulumi.vault.transform.TemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transform = new Mount(\"transform\", MountArgs.builder()\n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var numerics = new Alphabet(\"numerics\", AlphabetArgs.builder()\n .path(transform.path())\n .name(\"numerics\")\n .alphabet(\"0123456789\")\n .build());\n\n var test = new Template(\"test\", TemplateArgs.builder()\n .path(numerics.path())\n .name(\"ccn\")\n .type(\"regex\")\n .pattern(\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\")\n .alphabet(\"numerics\")\n .encodeFormat(\"$1-$2-$3-$4\")\n .decodeFormats(Map.of(\"last-four-digits\", \"$4\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n numerics:\n type: vault:transform:Alphabet\n properties:\n path: ${transform.path}\n name: numerics\n alphabet: '0123456789'\n test:\n type: vault:transform:Template\n properties:\n path: ${numerics.path}\n name: ccn\n type: regex\n pattern: (\\d{4})[- ](\\d{4})[- ](\\d{4})[- ](\\d{4})\n alphabet: numerics\n encodeFormat: $1-$2-$3-$4\n decodeFormats:\n last-four-digits: $4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "This resource supports the `/transform/template/{name}` Vault endpoint.\n\nIt creates or updates a template with the given name. If a template with the name does not exist,\nit will be created. If the template exists, it will be updated with the new attributes.\n\n\u003e Requires *Vault Enterprise with the Advanced Data Protection Transform Module*.\nSee [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform)\nfor more information.\n\n## Example Usage\n\nPlease note that the `pattern` below holds a regex. The regex shown\nis identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup)\ndocs, `(\\d{4})-(\\d{4})-(\\d{4})-(\\d{4})`. However, due to HCL, the\nbackslashes must be escaped to appear correctly in Vault. For further\nassistance escaping your own custom regex, see String Literals.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transform = new vault.Mount(\"transform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst numerics = new vault.transform.Alphabet(\"numerics\", {\n path: transform.path,\n name: \"numerics\",\n alphabet: \"0123456789\",\n});\nconst test = new vault.transform.Template(\"test\", {\n path: numerics.path,\n name: \"ccn\",\n type: \"regex\",\n pattern: \"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n alphabet: \"numerics\",\n encodeFormat: \"$1-$2-$3-$4\",\n decodeFormats: {\n \"last-four-digits\": \"$4\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransform = vault.Mount(\"transform\",\n path=\"transform\",\n type=\"transform\")\nnumerics = vault.transform.Alphabet(\"numerics\",\n path=transform.path,\n name=\"numerics\",\n alphabet=\"0123456789\")\ntest = vault.transform.Template(\"test\",\n path=numerics.path,\n name=\"ccn\",\n type=\"regex\",\n pattern=\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n alphabet=\"numerics\",\n encode_format=\"$1-$2-$3-$4\",\n decode_formats={\n \"last-four-digits\": \"$4\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transform = new Vault.Mount(\"transform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var numerics = new Vault.Transform.Alphabet(\"numerics\", new()\n {\n Path = transform.Path,\n Name = \"numerics\",\n AlphabetSet = \"0123456789\",\n });\n\n var test = new Vault.Transform.Template(\"test\", new()\n {\n Path = numerics.Path,\n Name = \"ccn\",\n Type = \"regex\",\n Pattern = \"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n Alphabet = \"numerics\",\n EncodeFormat = \"$1-$2-$3-$4\",\n DecodeFormats = \n {\n { \"last-four-digits\", \"$4\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransform, err := vault.NewMount(ctx, \"transform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnumerics, err := transform.NewAlphabet(ctx, \"numerics\", \u0026transform.AlphabetArgs{\n\t\t\tPath: transform.Path,\n\t\t\tName: pulumi.String(\"numerics\"),\n\t\t\tAlphabet: pulumi.String(\"0123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewTemplate(ctx, \"test\", \u0026transform.TemplateArgs{\n\t\t\tPath: numerics.Path,\n\t\t\tName: pulumi.String(\"ccn\"),\n\t\t\tType: pulumi.String(\"regex\"),\n\t\t\tPattern: pulumi.String(\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\"),\n\t\t\tAlphabet: pulumi.String(\"numerics\"),\n\t\t\tEncodeFormat: pulumi.String(\"$1-$2-$3-$4\"),\n\t\t\tDecodeFormats: pulumi.StringMap{\n\t\t\t\t\"last-four-digits\": pulumi.String(\"$4\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Alphabet;\nimport com.pulumi.vault.transform.AlphabetArgs;\nimport com.pulumi.vault.transform.Template;\nimport com.pulumi.vault.transform.TemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transform = new Mount(\"transform\", MountArgs.builder()\n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var numerics = new Alphabet(\"numerics\", AlphabetArgs.builder()\n .path(transform.path())\n .name(\"numerics\")\n .alphabet(\"0123456789\")\n .build());\n\n var test = new Template(\"test\", TemplateArgs.builder()\n .path(numerics.path())\n .name(\"ccn\")\n .type(\"regex\")\n .pattern(\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\")\n .alphabet(\"numerics\")\n .encodeFormat(\"$1-$2-$3-$4\")\n .decodeFormats(Map.of(\"last-four-digits\", \"$4\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n numerics:\n type: vault:transform:Alphabet\n properties:\n path: ${transform.path}\n name: numerics\n alphabet: '0123456789'\n test:\n type: vault:transform:Template\n properties:\n path: ${numerics.path}\n name: ccn\n type: regex\n pattern: (\\d{4})[- ](\\d{4})[- ](\\d{4})[- ](\\d{4})\n alphabet: numerics\n encodeFormat: $1-$2-$3-$4\n decodeFormats:\n last-four-digits: $4\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "alphabet": { "type": "string", @@ -32288,7 +32288,7 @@ } }, "vault:azure/getAccessCredentials:getAccessCredentials": { - "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst creds = vault.azure.getAccessCredentials({\n role: \"my-role\",\n validateCreds: true,\n numSequentialSuccesses: 8,\n numSecondsBetweenTests: 1,\n maxCredValidationSeconds: 300,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ncreds = vault.azure.get_access_credentials(role=\"my-role\",\n validate_creds=True,\n num_sequential_successes=8,\n num_seconds_between_tests=1,\n max_cred_validation_seconds=300)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var creds = Vault.Azure.GetAccessCredentials.Invoke(new()\n {\n Role = \"my-role\",\n ValidateCreds = true,\n NumSequentialSuccesses = 8,\n NumSecondsBetweenTests = 1,\n MaxCredValidationSeconds = 300,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.GetAccessCredentials(ctx, \u0026azure.GetAccessCredentialsArgs{\n\t\t\tRole: \"my-role\",\n\t\t\tValidateCreds: pulumi.BoolRef(true),\n\t\t\tNumSequentialSuccesses: pulumi.IntRef(8),\n\t\t\tNumSecondsBetweenTests: pulumi.IntRef(1),\n\t\t\tMaxCredValidationSeconds: pulumi.IntRef(300),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.AzureFunctions;\nimport com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var creds = AzureFunctions.getAccessCredentials(GetAccessCredentialsArgs.builder()\n .role(\"my-role\")\n .validateCreds(true)\n .numSequentialSuccesses(8)\n .numSecondsBetweenTests(1)\n .maxCredValidationSeconds(300)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n creds:\n fn::invoke:\n Function: vault:azure:getAccessCredentials\n Arguments:\n role: my-role\n validateCreds: true\n numSequentialSuccesses: 8\n numSecondsBetweenTests: 1\n maxCredValidationSeconds: 300\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Caveats\n\nThe `validate_creds` option requires read-access to the `backend` config endpoint.\nIf the effective Vault role does not have the required permissions then valid values \nare required to be set for: `subscription_id`, `tenant_id`, `environment`.\n", + "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst creds = vault.azure.getAccessCredentials({\n role: \"my-role\",\n validateCreds: true,\n numSequentialSuccesses: 8,\n numSecondsBetweenTests: 1,\n maxCredValidationSeconds: 300,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ncreds = vault.azure.get_access_credentials(role=\"my-role\",\n validate_creds=True,\n num_sequential_successes=8,\n num_seconds_between_tests=1,\n max_cred_validation_seconds=300)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var creds = Vault.Azure.GetAccessCredentials.Invoke(new()\n {\n Role = \"my-role\",\n ValidateCreds = true,\n NumSequentialSuccesses = 8,\n NumSecondsBetweenTests = 1,\n MaxCredValidationSeconds = 300,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.GetAccessCredentials(ctx, \u0026azure.GetAccessCredentialsArgs{\n\t\t\tRole: \"my-role\",\n\t\t\tValidateCreds: pulumi.BoolRef(true),\n\t\t\tNumSequentialSuccesses: pulumi.IntRef(8),\n\t\t\tNumSecondsBetweenTests: pulumi.IntRef(1),\n\t\t\tMaxCredValidationSeconds: pulumi.IntRef(300),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.AzureFunctions;\nimport com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var creds = AzureFunctions.getAccessCredentials(GetAccessCredentialsArgs.builder()\n .role(\"my-role\")\n .validateCreds(true)\n .numSequentialSuccesses(8)\n .numSecondsBetweenTests(1)\n .maxCredValidationSeconds(300)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n creds:\n fn::invoke:\n Function: vault:azure:getAccessCredentials\n Arguments:\n role: my-role\n validateCreds: true\n numSequentialSuccesses: 8\n numSecondsBetweenTests: 1\n maxCredValidationSeconds: 300\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Caveats\n\nThe `validate_creds` option requires read-access to the `backend` config endpoint.\nIf the effective Vault role does not have the required permissions then valid values\nare required to be set for: `subscription_id`, `tenant_id`, `environment`.\n", "inputs": { "description": "A collection of arguments for invoking getAccessCredentials.\n", "properties": { @@ -32298,11 +32298,11 @@ }, "environment": { "type": "string", - "description": "The Azure environment to use during credential validation.\nDefaults to the environment configured in the Vault backend.\nSome possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\n*See the caveats section for more information on this field.*\n" + "description": "The Azure environment to use during credential validation.\nDefaults to the environment configured in the Vault backend.\nSome possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*\n" }, "maxCredValidationSeconds": { "type": "integer", - "description": "If 'validate_creds' is true, \nthe number of seconds after which to give up validating credentials. Defaults\nto 300.\n" + "description": "If 'validate_creds' is true,\nthe number of seconds after which to give up validating credentials. Defaults\nto 300.\n" }, "namespace": { "type": "string", @@ -32311,11 +32311,11 @@ }, "numSecondsBetweenTests": { "type": "integer", - "description": "If 'validate_creds' is true, \nthe number of seconds to wait between each test of generated credentials.\nDefaults to 1.\n" + "description": "If 'validate_creds' is true,\nthe number of seconds to wait between each test of generated credentials.\nDefaults to 1.\n" }, "numSequentialSuccesses": { "type": "integer", - "description": "If 'validate_creds' is true, \nthe number of sequential successes required to validate generated\ncredentials. Defaults to 8.\n" + "description": "If 'validate_creds' is true,\nthe number of sequential successes required to validate generated\ncredentials. Defaults to 8.\n" }, "role": { "type": "string", @@ -32323,15 +32323,15 @@ }, "subscriptionId": { "type": "string", - "description": "The subscription ID to use during credential\nvalidation. Defaults to the subscription ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" + "description": "The subscription ID to use during credential\nvalidation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*\n" }, "tenantId": { "type": "string", - "description": "The tenant ID to use during credential validation.\nDefaults to the tenant ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" + "description": "The tenant ID to use during credential validation.\nDefaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*\n" }, "validateCreds": { "type": "boolean", - "description": "Whether generated credentials should be \nvalidated before being returned. Defaults to `false`, which returns\ncredentials without checking whether they have fully propagated throughout\nAzure Active Directory. Designating `true` activates testing.\n" + "description": "Whether generated credentials should be\nvalidated before being returned. Defaults to `false`, which returns\ncredentials without checking whether they have fully propagated throughout\nAzure Active Directory. Designating `true` activates testing.\n" } }, "type": "object", @@ -32608,7 +32608,7 @@ } }, "vault:generic/getSecret:getSecret": { - "description": "## Example Usage\n\n### Generic secret\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rundeckAuth = vault.generic.getSecret({\n path: \"secret/rundeck_auth\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrundeck_auth = vault.generic.get_secret(path=\"secret/rundeck_auth\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rundeckAuth = Vault.Generic.GetSecret.Invoke(new()\n {\n Path = \"secret/rundeck_auth\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := generic.LookupSecret(ctx, \u0026generic.LookupSecretArgs{\n\t\t\tPath: \"secret/rundeck_auth\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.generic.GenericFunctions;\nimport com.pulumi.vault.generic.inputs.GetSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var rundeckAuth = GenericFunctions.getSecret(GetSecretArgs.builder()\n .path(\"secret/rundeck_auth\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n rundeckAuth:\n fn::invoke:\n Function: vault:generic:getSecret\n Arguments:\n path: secret/rundeck_auth\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### KV \n\nFor this example, consider `example` as a path for a KV engine.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nfunction notImplemented(message: string) {\n throw new Error(message);\n}\n\nconst exampleCreds = vault.generic.getSecret({\n path: \"example/creds\",\n});\nconst exampleTemplate = notImplemented(\"The template_file data resource is not yet supported.\");\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\n\ndef not_implemented(msg):\n raise NotImplementedError(msg)\n\nexample_creds = vault.generic.get_secret(path=\"example/creds\")\nexample_template = not_implemented(\"The template_file data resource is not yet supported.\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\n\t\nobject NotImplemented(string errorMessage) \n{\n throw new System.NotImplementedException(errorMessage);\n}\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCreds = Vault.Generic.GetSecret.Invoke(new()\n {\n Path = \"example/creds\",\n });\n\n var exampleTemplate = NotImplemented(\"The template_file data resource is not yet supported.\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc notImplemented(message string) pulumi.AnyOutput {\n\tpanic(message)\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := generic.LookupSecret(ctx, \u0026generic.LookupSecretArgs{\n\t\t\tPath: \"example/creds\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = notImplemented(\"The template_file data resource is not yet supported.\")\n\t\treturn nil\n\t})\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "description": "## Example Usage\n\n### Generic secret\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rundeckAuth = vault.generic.getSecret({\n path: \"secret/rundeck_auth\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrundeck_auth = vault.generic.get_secret(path=\"secret/rundeck_auth\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rundeckAuth = Vault.Generic.GetSecret.Invoke(new()\n {\n Path = \"secret/rundeck_auth\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := generic.LookupSecret(ctx, \u0026generic.LookupSecretArgs{\n\t\t\tPath: \"secret/rundeck_auth\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.generic.GenericFunctions;\nimport com.pulumi.vault.generic.inputs.GetSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var rundeckAuth = GenericFunctions.getSecret(GetSecretArgs.builder()\n .path(\"secret/rundeck_auth\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n rundeckAuth:\n fn::invoke:\n Function: vault:generic:getSecret\n Arguments:\n path: secret/rundeck_auth\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### KV\n\nFor this example, consider `example` as a path for a KV engine.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nfunction notImplemented(message: string) {\n throw new Error(message);\n}\n\nconst exampleCreds = vault.generic.getSecret({\n path: \"example/creds\",\n});\nconst exampleTemplate = notImplemented(\"The template_file data resource is not yet supported.\");\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\n\ndef not_implemented(msg):\n raise NotImplementedError(msg)\n\nexample_creds = vault.generic.get_secret(path=\"example/creds\")\nexample_template = not_implemented(\"The template_file data resource is not yet supported.\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\n\t\nobject NotImplemented(string errorMessage) \n{\n throw new System.NotImplementedException(errorMessage);\n}\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCreds = Vault.Generic.GetSecret.Invoke(new()\n {\n Path = \"example/creds\",\n });\n\n var exampleTemplate = NotImplemented(\"The template_file data resource is not yet supported.\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc notImplemented(message string) pulumi.AnyOutput {\n\tpanic(message)\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := generic.LookupSecret(ctx, \u0026generic.LookupSecretArgs{\n\t\t\tPath: \"example/creds\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = notImplemented(\"The template_file data resource is not yet supported.\")\n\t\treturn nil\n\t})\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", "inputs": { "description": "A collection of arguments for invoking getSecret.\n", "properties": { @@ -33118,7 +33118,7 @@ "type": "string" }, "idTokenSigningAlgValuesSupporteds": { - "description": "The signing algorithms supported by \nthe provider.\n", + "description": "The signing algorithms supported by\nthe provider.\n", "items": { "type": "string" }, @@ -33139,7 +33139,7 @@ "type": "string" }, "requestUriParameterSupported": { - "description": "Specifies whether Request URI Parameter is \nsupported by the provider.\n", + "description": "Specifies whether Request URI Parameter is\nsupported by the provider.\n", "type": "boolean" }, "responseTypesSupporteds": { @@ -33226,7 +33226,7 @@ "type": "string" }, "keys": { - "description": "The public portion of keys for an OIDC provider. \nClients can use them to validate the authenticity of an identity token.\n", + "description": "The public portion of keys for an OIDC provider.\nClients can use them to validate the authenticity of an identity token.\n", "items": { "additionalProperties": { "type": "string" @@ -33503,7 +33503,7 @@ "description": "A collection of values returned by getNomadAccessToken.\n", "properties": { "accessorId": { - "description": "The public identifier for a specific token. It can be used \nto look up information about a token or to revoke a token.\n", + "description": "The public identifier for a specific token. It can be used\nto look up information about a token or to revoke a token.\n", "type": "string" }, "backend": { @@ -33943,15 +33943,15 @@ "properties": { "backend": { "type": "string", - "description": "The Kubernetes secret backend to generate service account \ntokens from.\n" + "description": "The Kubernetes secret backend to generate service account\ntokens from.\n" }, "clusterRoleBinding": { "type": "boolean", - "description": "If true, generate a ClusterRoleBinding to grant \npermissions across the whole cluster instead of within a namespace.\n" + "description": "If true, generate a ClusterRoleBinding to grant\npermissions across the whole cluster instead of within a namespace.\n" }, "kubernetesNamespace": { "type": "string", - "description": "The name of the Kubernetes namespace in which to \ngenerate the credentials.\n" + "description": "The name of the Kubernetes namespace in which to\ngenerate the credentials.\n" }, "namespace": { "type": "string", @@ -33960,11 +33960,11 @@ }, "role": { "type": "string", - "description": "The name of the Kubernetes secret backend role to generate service \naccount tokens from.\n" + "description": "The name of the Kubernetes secret backend role to generate service\naccount tokens from.\n" }, "ttl": { "type": "string", - "description": "The TTL of the generated Kubernetes service account token, specified in \nseconds or as a Go duration format string.\n" + "description": "The TTL of the generated Kubernetes service account token, specified in\nseconds or as a Go duration format string.\n" } }, "type": "object", @@ -34082,7 +34082,7 @@ "type": "string" }, "leaseDuration": { - "description": "The duration of the secret lease, in seconds. Once \nthis time has passed any plan generated with this data may fail to apply.\n", + "description": "The duration of the secret lease, in seconds. Once\nthis time has passed any plan generated with this data may fail to apply.\n", "type": "integer" }, "leaseId": { @@ -34090,7 +34090,7 @@ "type": "string" }, "leaseRenewable": { - "description": "True if the duration of this lease can be extended \nthrough renewal.\n", + "description": "True if the duration of this lease can be extended\nthrough renewal.\n", "type": "boolean" }, "namespace": { @@ -34136,7 +34136,7 @@ }, "version": { "type": "integer", - "description": "Specifies the version to return. If not \nset the latest version is returned.\n" + "description": "Specifies the version to return. If not\nset the latest version is returned.\n" } }, "type": "object", @@ -34719,7 +34719,7 @@ "type": "string" }, "manualChains": { - "description": "Chain of issuer references to build this issuer's computed \nCAChain field from, when non-empty.\n", + "description": "Chain of issuer references to build this issuer's computed\nCAChain field from, when non-empty.\n", "items": { "type": "string" }, diff --git a/provider/go.mod b/provider/go.mod index bec07cccd..cf7106bdb 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -1,12 +1,14 @@ module github.com/pulumi/pulumi-vault/provider/v6 -go 1.21.12 +go 1.22 + +toolchain go1.22.6 require ( github.com/hashicorp/terraform-provider-vault v0.0.0 github.com/pulumi/providertest v0.0.14 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.89.1 - github.com/pulumi/pulumi/sdk/v3 v3.129.0 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.89.2-0.20240903112845-b57b829e4fb3 + github.com/pulumi/pulumi/sdk/v3 v3.130.0 github.com/stretchr/testify v1.9.0 ) @@ -222,7 +224,7 @@ require ( github.com/pulumi/pulumi-java/pkg v0.14.0 // indirect github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.8 // indirect github.com/pulumi/pulumi-yaml v1.9.2 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.129.0 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.130.0 // indirect github.com/pulumi/schema-tools v0.1.2 // indirect github.com/pulumi/terraform-diff-reader v0.0.2 // indirect github.com/rivo/uniseg v0.4.4 // indirect @@ -256,6 +258,7 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/yuin/goldmark v1.7.4 // indirect + github.com/yuin/goldmark-meta v1.1.0 // indirect github.com/zclconf/go-cty v1.14.2 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect @@ -288,6 +291,7 @@ require ( gopkg.in/jcmturner/goidentity.v3 v3.0.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect lukechampine.com/frand v1.4.2 // indirect diff --git a/provider/go.sum b/provider/go.sum index 4df65d8e7..606dfba74 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -2857,16 +2857,16 @@ github.com/pulumi/providertest v0.0.14 h1:5QlAPAAs82jkQraHsJvq1xgVfC7xtW8sFJwv2p github.com/pulumi/providertest v0.0.14/go.mod h1:GcsqEGgSngwaNOD+kICJPIUQlnA911fGBU8HDlJvVL0= github.com/pulumi/pulumi-java/pkg v0.14.0 h1:CKL7lLF81Fq6VRhA5TNFsSMnHraTNCUzIhqCzYX8Wzk= github.com/pulumi/pulumi-java/pkg v0.14.0/go.mod h1:VybuJMWJtJc9ZNbt1kcYH4TbpocMx9mEi7YWL2Co99c= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.89.1 h1:FLQknb6r3r/uaj1XLbouFF88eF1Fk0h4JOVS9kHKDRY= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.89.1/go.mod h1:JAxygKR/XGW6zIv6iOP6sHAYjZ7OCtqU7j6Od1lUk38= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.89.2-0.20240903112845-b57b829e4fb3 h1:nxvJ7DInpz9vc4OX3AgNauEg5BAj4Ktg1zyIQKR9m7U= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.89.2-0.20240903112845-b57b829e4fb3/go.mod h1:5gU+5V5J+JYbKL+b5OECdNWRZ13hRfOywNRJtQMhQG4= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.8 h1:mav2tSitA9BPJPLLahKgepHyYsMzwaTm4cvp0dcTMYw= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.8/go.mod h1:qUYk2c9i/yqMGNj9/bQyXpS39BxNDSXYjVN1njnq0zY= github.com/pulumi/pulumi-yaml v1.9.2 h1:BCUuRPA1USmFXrExiHRU8yJ+OiphLYnroPxKRgGCJrs= github.com/pulumi/pulumi-yaml v1.9.2/go.mod h1:sIh/Oa/NLRGTojevh8D2/cPDPvo2j9iXegVDQIKKfw4= -github.com/pulumi/pulumi/pkg/v3 v3.129.0 h1:n4Jd4ctlvw3eqyHglb/yJKDtRqjOvdkCBfG5T+orU30= -github.com/pulumi/pulumi/pkg/v3 v3.129.0/go.mod h1:W3c7JgO064kUH5IfyQMCgmsAr5iwr3PO6KEeIQiO0dY= -github.com/pulumi/pulumi/sdk/v3 v3.129.0 h1:uZpTTwWTx7Mk8UT9FgatzxzArim47vZ6hzNCKvgvX6A= -github.com/pulumi/pulumi/sdk/v3 v3.129.0/go.mod h1:p1U24en3zt51agx+WlNboSOV8eLlPWYAkxMzVEXKbnY= +github.com/pulumi/pulumi/pkg/v3 v3.130.0 h1:lS51XeCnhg72LXkMiw2FP1cGP+Y85wYD3quWhCPD5+M= +github.com/pulumi/pulumi/pkg/v3 v3.130.0/go.mod h1:jhZ1Ug5Rl1qivexgEWvmwSWYIT/jRnKSFhLwwv6PrZ0= +github.com/pulumi/pulumi/sdk/v3 v3.130.0 h1:gGJNd+akPqhZ+vrsZmAjSNJn6kGJkitjjkwrmIQMmn8= +github.com/pulumi/pulumi/sdk/v3 v3.130.0/go.mod h1:p1U24en3zt51agx+WlNboSOV8eLlPWYAkxMzVEXKbnY= github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= @@ -3106,6 +3106,8 @@ github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yuin/goldmark v1.7.4 h1:BDXOHExt+A7gwPCJgPIIq7ENvceR7we7rOS9TNoLZeg= github.com/yuin/goldmark v1.7.4/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E= +github.com/yuin/goldmark-meta v1.1.0 h1:pWw+JLHGZe8Rk0EGsMVssiNb/AaPMHfSRszZeUeiOUc= +github.com/yuin/goldmark-meta v1.1.0/go.mod h1:U4spWENafuA7Zyg+Lj5RqK/MF+ovMYtBvXi1lBb2VP0= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= diff --git a/sdk/dotnet/Audit.cs b/sdk/dotnet/Audit.cs index ff5820b9c..d20280b80 100644 --- a/sdk/dotnet/Audit.cs +++ b/sdk/dotnet/Audit.cs @@ -12,7 +12,7 @@ namespace Pulumi.Vault /// /// ## Example Usage /// - /// ### File Audit Device) + /// ### file audit device) /// /// ```csharp /// using System.Collections.Generic; @@ -34,7 +34,7 @@ namespace Pulumi.Vault /// }); /// ``` /// - /// ### Socket Audit Device) + /// ### socket audit device) /// /// ```csharp /// using System.Collections.Generic; diff --git a/sdk/dotnet/Aws/AuthBackendClient.cs b/sdk/dotnet/Aws/AuthBackendClient.cs index 6b1337283..e067056d5 100644 --- a/sdk/dotnet/Aws/AuthBackendClient.cs +++ b/sdk/dotnet/Aws/AuthBackendClient.cs @@ -107,7 +107,7 @@ public partial class AuthBackendClient : global::Pulumi.CustomResource public Output IamServerIdHeaderValue { get; private set; } = null!; /// - /// The audience claim value. Mutually exclusive with `access_key`. + /// The audience claim value. Mutually exclusive with `access_key`. /// Requires Vault 1.17+. *Available only for Vault Enterprise* /// [Output("identityTokenAudience")] @@ -121,7 +121,7 @@ public partial class AuthBackendClient : global::Pulumi.CustomResource public Output IdentityTokenTtl { get; private set; } = null!; /// - /// Number of max retries the client should use for recoverable errors. + /// Number of max retries the client should use for recoverable errors. /// The default `-1` falls back to the AWS SDK's default behavior. /// [Output("maxRetries")] @@ -158,14 +158,14 @@ public partial class AuthBackendClient : global::Pulumi.CustomResource public Output StsEndpoint { get; private set; } = null!; /// - /// Override the default region when making STS API + /// Override the default region when making STS API /// calls. The `sts_endpoint` argument must be set when using `sts_region`. /// [Output("stsRegion")] public Output StsRegion { get; private set; } = null!; /// - /// Available in Vault v1.15+. If set, + /// Available in Vault v1.15+. If set, /// overrides both `sts_endpoint` and `sts_region` to instead use the region /// specified in the client request headers for IAM-based authentication. /// This can be useful when you have client requests coming from different @@ -272,7 +272,7 @@ public Input? AccessKey public Input? IamServerIdHeaderValue { get; set; } /// - /// The audience claim value. Mutually exclusive with `access_key`. + /// The audience claim value. Mutually exclusive with `access_key`. /// Requires Vault 1.17+. *Available only for Vault Enterprise* /// [Input("identityTokenAudience")] @@ -286,7 +286,7 @@ public Input? AccessKey public Input? IdentityTokenTtl { get; set; } /// - /// Number of max retries the client should use for recoverable errors. + /// Number of max retries the client should use for recoverable errors. /// The default `-1` falls back to the AWS SDK's default behavior. /// [Input("maxRetries")] @@ -333,14 +333,14 @@ public Input? SecretKey public Input? StsEndpoint { get; set; } /// - /// Override the default region when making STS API + /// Override the default region when making STS API /// calls. The `sts_endpoint` argument must be set when using `sts_region`. /// [Input("stsRegion")] public Input? StsRegion { get; set; } /// - /// Available in Vault v1.15+. If set, + /// Available in Vault v1.15+. If set, /// overrides both `sts_endpoint` and `sts_region` to instead use the region /// specified in the client request headers for IAM-based authentication. /// This can be useful when you have client requests coming from different @@ -404,7 +404,7 @@ public Input? AccessKey public Input? IamServerIdHeaderValue { get; set; } /// - /// The audience claim value. Mutually exclusive with `access_key`. + /// The audience claim value. Mutually exclusive with `access_key`. /// Requires Vault 1.17+. *Available only for Vault Enterprise* /// [Input("identityTokenAudience")] @@ -418,7 +418,7 @@ public Input? AccessKey public Input? IdentityTokenTtl { get; set; } /// - /// Number of max retries the client should use for recoverable errors. + /// Number of max retries the client should use for recoverable errors. /// The default `-1` falls back to the AWS SDK's default behavior. /// [Input("maxRetries")] @@ -465,14 +465,14 @@ public Input? SecretKey public Input? StsEndpoint { get; set; } /// - /// Override the default region when making STS API + /// Override the default region when making STS API /// calls. The `sts_endpoint` argument must be set when using `sts_region`. /// [Input("stsRegion")] public Input? StsRegion { get; set; } /// - /// Available in Vault v1.15+. If set, + /// Available in Vault v1.15+. If set, /// overrides both `sts_endpoint` and `sts_region` to instead use the region /// specified in the client request headers for IAM-based authentication. /// This can be useful when you have client requests coming from different diff --git a/sdk/dotnet/Aws/SecretBackendRole.cs b/sdk/dotnet/Aws/SecretBackendRole.cs index b25e8e59e..cce033ec2 100644 --- a/sdk/dotnet/Aws/SecretBackendRole.cs +++ b/sdk/dotnet/Aws/SecretBackendRole.cs @@ -84,7 +84,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output DefaultStsTtl { get; private set; } = null!; /// - /// External ID to set for assume role creds. + /// External ID to set for assume role creds. /// Valid only when `credential_type` is set to `assumed_role`. /// [Output("externalId")] @@ -133,7 +133,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// The ARN of the AWS Permissions + /// The ARN of the AWS Permissions /// Boundary to attach to IAM users created in the role. Valid only when /// `credential_type` is `iam_user`. If not specified, then no permissions boundary /// policy will be attached. @@ -180,7 +180,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output?> SessionTags { get; private set; } = null!; /// - /// The path for the user name. Valid only when + /// The path for the user name. Valid only when /// `credential_type` is `iam_user`. Default is `/`. /// [Output("userPath")] @@ -258,7 +258,7 @@ public sealed class SecretBackendRoleArgs : global::Pulumi.ResourceArgs public Input? DefaultStsTtl { get; set; } /// - /// External ID to set for assume role creds. + /// External ID to set for assume role creds. /// Valid only when `credential_type` is set to `assumed_role`. /// [Input("externalId")] @@ -319,7 +319,7 @@ public InputMap IamTags public Input? Namespace { get; set; } /// - /// The ARN of the AWS Permissions + /// The ARN of the AWS Permissions /// Boundary to attach to IAM users created in the role. Valid only when /// `credential_type` is `iam_user`. If not specified, then no permissions boundary /// policy will be attached. @@ -384,7 +384,7 @@ public InputMap SessionTags } /// - /// The path for the user name. Valid only when + /// The path for the user name. Valid only when /// `credential_type` is `iam_user`. Default is `/`. /// [Input("userPath")] @@ -424,7 +424,7 @@ public sealed class SecretBackendRoleState : global::Pulumi.ResourceArgs public Input? DefaultStsTtl { get; set; } /// - /// External ID to set for assume role creds. + /// External ID to set for assume role creds. /// Valid only when `credential_type` is set to `assumed_role`. /// [Input("externalId")] @@ -485,7 +485,7 @@ public InputMap IamTags public Input? Namespace { get; set; } /// - /// The ARN of the AWS Permissions + /// The ARN of the AWS Permissions /// Boundary to attach to IAM users created in the role. Valid only when /// `credential_type` is `iam_user`. If not specified, then no permissions boundary /// policy will be attached. @@ -550,7 +550,7 @@ public InputMap SessionTags } /// - /// The path for the user name. Valid only when + /// The path for the user name. Valid only when /// `credential_type` is `iam_user`. Default is `/`. /// [Input("userPath")] diff --git a/sdk/dotnet/Azure/Backend.cs b/sdk/dotnet/Azure/Backend.cs index 353ff0483..9ce71c3e2 100644 --- a/sdk/dotnet/Azure/Backend.cs +++ b/sdk/dotnet/Azure/Backend.cs @@ -12,7 +12,7 @@ namespace Pulumi.Vault.Azure /// /// ## Example Usage /// - /// ### *Vault-1.9 And Above* + /// ### vault-1.9 and above /// /// You can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration: /// ```csharp @@ -56,7 +56,7 @@ namespace Pulumi.Vault.Azure /// }); /// ``` /// - /// ### *Vault-1.8 And Below* + /// ### vault-1.8 and below /// /// ```csharp /// using System.Collections.Generic; diff --git a/sdk/dotnet/Azure/GetAccessCredentials.cs b/sdk/dotnet/Azure/GetAccessCredentials.cs index f58bc4820..13c582ccf 100644 --- a/sdk/dotnet/Azure/GetAccessCredentials.cs +++ b/sdk/dotnet/Azure/GetAccessCredentials.cs @@ -37,7 +37,7 @@ public static class GetAccessCredentials /// ## Caveats /// /// The `validate_creds` option requires read-access to the `backend` config endpoint. - /// If the effective Vault role does not have the required permissions then valid values + /// If the effective Vault role does not have the required permissions then valid values /// are required to be set for: `subscription_id`, `tenant_id`, `environment`. /// public static Task InvokeAsync(GetAccessCredentialsArgs args, InvokeOptions? options = null) @@ -69,7 +69,7 @@ public static Task InvokeAsync(GetAccessCredentialsA /// ## Caveats /// /// The `validate_creds` option requires read-access to the `backend` config endpoint. - /// If the effective Vault role does not have the required permissions then valid values + /// If the effective Vault role does not have the required permissions then valid values /// are required to be set for: `subscription_id`, `tenant_id`, `environment`. /// public static Output Invoke(GetAccessCredentialsInvokeArgs args, InvokeOptions? options = null) @@ -89,14 +89,13 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs /// /// The Azure environment to use during credential validation. /// Defaults to the environment configured in the Vault backend. - /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` - /// *See the caveats section for more information on this field.* + /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.* /// [Input("environment")] public string? Environment { get; set; } /// - /// If 'validate_creds' is true, + /// If 'validate_creds' is true, /// the number of seconds after which to give up validating credentials. Defaults /// to 300. /// @@ -113,7 +112,7 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs public string? Namespace { get; set; } /// - /// If 'validate_creds' is true, + /// If 'validate_creds' is true, /// the number of seconds to wait between each test of generated credentials. /// Defaults to 1. /// @@ -121,7 +120,7 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs public int? NumSecondsBetweenTests { get; set; } /// - /// If 'validate_creds' is true, + /// If 'validate_creds' is true, /// the number of sequential successes required to validate generated /// credentials. Defaults to 8. /// @@ -137,22 +136,20 @@ public sealed class GetAccessCredentialsArgs : global::Pulumi.InvokeArgs /// /// The subscription ID to use during credential - /// validation. Defaults to the subscription ID configured in the Vault `backend`. - /// *See the caveats section for more information on this field.* + /// validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.* /// [Input("subscriptionId")] public string? SubscriptionId { get; set; } /// /// The tenant ID to use during credential validation. - /// Defaults to the tenant ID configured in the Vault `backend`. - /// *See the caveats section for more information on this field.* + /// Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.* /// [Input("tenantId")] public string? TenantId { get; set; } /// - /// Whether generated credentials should be + /// Whether generated credentials should be /// validated before being returned. Defaults to `false`, which returns /// credentials without checking whether they have fully propagated throughout /// Azure Active Directory. Designating `true` activates testing. @@ -178,14 +175,13 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs /// /// The Azure environment to use during credential validation. /// Defaults to the environment configured in the Vault backend. - /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` - /// *See the caveats section for more information on this field.* + /// Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.* /// [Input("environment")] public Input? Environment { get; set; } /// - /// If 'validate_creds' is true, + /// If 'validate_creds' is true, /// the number of seconds after which to give up validating credentials. Defaults /// to 300. /// @@ -202,7 +198,7 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs public Input? Namespace { get; set; } /// - /// If 'validate_creds' is true, + /// If 'validate_creds' is true, /// the number of seconds to wait between each test of generated credentials. /// Defaults to 1. /// @@ -210,7 +206,7 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs public Input? NumSecondsBetweenTests { get; set; } /// - /// If 'validate_creds' is true, + /// If 'validate_creds' is true, /// the number of sequential successes required to validate generated /// credentials. Defaults to 8. /// @@ -226,22 +222,20 @@ public sealed class GetAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs /// /// The subscription ID to use during credential - /// validation. Defaults to the subscription ID configured in the Vault `backend`. - /// *See the caveats section for more information on this field.* + /// validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.* /// [Input("subscriptionId")] public Input? SubscriptionId { get; set; } /// /// The tenant ID to use during credential validation. - /// Defaults to the tenant ID configured in the Vault `backend`. - /// *See the caveats section for more information on this field.* + /// Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.* /// [Input("tenantId")] public Input? TenantId { get; set; } /// - /// Whether generated credentials should be + /// Whether generated credentials should be /// validated before being returned. Defaults to `false`, which returns /// credentials without checking whether they have fully propagated throughout /// Azure Active Directory. Designating `true` activates testing. diff --git a/sdk/dotnet/Consul/SecretBackend.cs b/sdk/dotnet/Consul/SecretBackend.cs index 160ba9cbc..1053bc35f 100644 --- a/sdk/dotnet/Consul/SecretBackend.cs +++ b/sdk/dotnet/Consul/SecretBackend.cs @@ -12,7 +12,7 @@ namespace Pulumi.Vault.Consul /// /// ## Example Usage /// - /// ### Creating a standard backend resource: + /// #### Creating a standard backend resource: /// ```csharp /// using System.Collections.Generic; /// using System.Linq; @@ -32,7 +32,7 @@ namespace Pulumi.Vault.Consul /// }); /// ``` /// - /// ### Creating a backend resource to bootstrap a new Consul instance: + /// #### Creating a backend resource to bootstrap a new Consul instance: /// ```csharp /// using System.Collections.Generic; /// using System.Linq; diff --git a/sdk/dotnet/Database/SecretsMount.cs b/sdk/dotnet/Database/SecretsMount.cs index bc0ac85a9..241f24a11 100644 --- a/sdk/dotnet/Database/SecretsMount.cs +++ b/sdk/dotnet/Database/SecretsMount.cs @@ -126,15 +126,13 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output> AuditNonHmacResponseKeys { get; private set; } = null!; /// - /// A nested block containing configuration options for Cassandra connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* /// [Output("cassandras")] public Output> Cassandras { get; private set; } = null!; /// - /// A nested block containing configuration options for Couchbase connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* /// [Output("couchbases")] public Output> Couchbases { get; private set; } = null!; @@ -158,8 +156,7 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output Description { get; private set; } = null!; /// - /// A nested block containing configuration options for Elasticsearch connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* /// [Output("elasticsearches")] public Output> Elasticsearches { get; private set; } = null!; @@ -177,8 +174,7 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output ExternalEntropyAccess { get; private set; } = null!; /// - /// A nested block containing configuration options for SAP HanaDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* /// [Output("hanas")] public Output> Hanas { get; private set; } = null!; @@ -190,8 +186,7 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output IdentityTokenKey { get; private set; } = null!; /// - /// A nested block containing configuration options for InfluxDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* /// [Output("influxdbs")] public Output> Influxdbs { get; private set; } = null!; @@ -215,50 +210,43 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output MaxLeaseTtlSeconds { get; private set; } = null!; /// - /// A nested block containing configuration options for MongoDB Atlas connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* /// [Output("mongodbatlas")] public Output> Mongodbatlas { get; private set; } = null!; /// - /// A nested block containing configuration options for MongoDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* /// [Output("mongodbs")] public Output> Mongodbs { get; private set; } = null!; /// - /// A nested block containing configuration options for MSSQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* /// [Output("mssqls")] public Output> Mssqls { get; private set; } = null!; /// - /// A nested block containing configuration options for Aurora MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* /// [Output("mysqlAuroras")] public Output> MysqlAuroras { get; private set; } = null!; /// - /// A nested block containing configuration options for legacy MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* /// [Output("mysqlLegacies")] public Output> MysqlLegacies { get; private set; } = null!; /// - /// A nested block containing configuration options for RDS MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* /// [Output("mysqlRds")] public Output> MysqlRds { get; private set; } = null!; /// - /// A nested block containing configuration options for MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* /// [Output("mysqls")] public Output> Mysqls { get; private set; } = null!; @@ -276,8 +264,7 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output?> Options { get; private set; } = null!; /// - /// A nested block containing configuration options for Oracle connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* /// [Output("oracles")] public Output> Oracles { get; private set; } = null!; @@ -301,29 +288,25 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output PluginVersion { get; private set; } = null!; /// - /// A nested block containing configuration options for PostgreSQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* /// [Output("postgresqls")] public Output> Postgresqls { get; private set; } = null!; /// - /// A nested block containing configuration options for Redis connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Redis connections.*See Configuration Options for more info* /// [Output("redis")] public Output> Redis { get; private set; } = null!; /// - /// A nested block containing configuration options for Redis ElastiCache connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* /// [Output("redisElasticaches")] public Output> RedisElasticaches { get; private set; } = null!; /// - /// A nested block containing configuration options for AWS Redshift connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* /// [Output("redshifts")] public Output> Redshifts { get; private set; } = null!; @@ -335,8 +318,7 @@ public partial class SecretsMount : global::Pulumi.CustomResource public Output SealWrap { get; private set; } = null!; /// - /// A nested block containing configuration options for Snowflake connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* /// [Output("snowflakes")] public Output> Snowflakes { get; private set; } = null!; @@ -441,8 +423,7 @@ public InputList AuditNonHmacResponseKeys private InputList? _cassandras; /// - /// A nested block containing configuration options for Cassandra connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* /// public InputList Cassandras { @@ -454,8 +435,7 @@ public InputList Cassandras private InputList? _couchbases; /// - /// A nested block containing configuration options for Couchbase connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* /// public InputList Couchbases { @@ -491,8 +471,7 @@ public InputList DelegatedAuthAccessors private InputList? _elasticsearches; /// - /// A nested block containing configuration options for Elasticsearch connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* /// public InputList Elasticsearches { @@ -510,8 +489,7 @@ public InputList Elasticsearches private InputList? _hanas; /// - /// A nested block containing configuration options for SAP HanaDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* /// public InputList Hanas { @@ -529,8 +507,7 @@ public InputList Hanas private InputList? _influxdbs; /// - /// A nested block containing configuration options for InfluxDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* /// public InputList Influxdbs { @@ -560,8 +537,7 @@ public InputList Influxdbs private InputList? _mongodbatlas; /// - /// A nested block containing configuration options for MongoDB Atlas connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* /// public InputList Mongodbatlas { @@ -573,8 +549,7 @@ public InputList Mongodbatlas private InputList? _mongodbs; /// - /// A nested block containing configuration options for MongoDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* /// public InputList Mongodbs { @@ -586,8 +561,7 @@ public InputList Mongodbs private InputList? _mssqls; /// - /// A nested block containing configuration options for MSSQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* /// public InputList Mssqls { @@ -599,8 +573,7 @@ public InputList Mssqls private InputList? _mysqlAuroras; /// - /// A nested block containing configuration options for Aurora MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* /// public InputList MysqlAuroras { @@ -612,8 +585,7 @@ public InputList MysqlAuroras private InputList? _mysqlLegacies; /// - /// A nested block containing configuration options for legacy MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* /// public InputList MysqlLegacies { @@ -625,8 +597,7 @@ public InputList MysqlLegacies private InputList? _mysqlRds; /// - /// A nested block containing configuration options for RDS MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* /// public InputList MysqlRds { @@ -638,8 +609,7 @@ public InputList MysqlRds private InputList? _mysqls; /// - /// A nested block containing configuration options for MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* /// public InputList Mysqls { @@ -669,8 +639,7 @@ public InputMap Options private InputList? _oracles; /// - /// A nested block containing configuration options for Oracle connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* /// public InputList Oracles { @@ -706,8 +675,7 @@ public InputList PassthroughRequestHeaders private InputList? _postgresqls; /// - /// A nested block containing configuration options for PostgreSQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* /// public InputList Postgresqls { @@ -719,8 +687,7 @@ public InputList Postgresqls private InputList? _redis; /// - /// A nested block containing configuration options for Redis connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Redis connections.*See Configuration Options for more info* /// public InputList Redis { @@ -732,8 +699,7 @@ public InputList Redis private InputList? _redisElasticaches; /// - /// A nested block containing configuration options for Redis ElastiCache connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* /// public InputList RedisElasticaches { @@ -745,8 +711,7 @@ public InputList RedisElasticaches private InputList? _redshifts; /// - /// A nested block containing configuration options for AWS Redshift connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* /// public InputList Redshifts { @@ -764,8 +729,7 @@ public InputList Redshifts private InputList? _snowflakes; /// - /// A nested block containing configuration options for Snowflake connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* /// public InputList Snowflakes { @@ -841,8 +805,7 @@ public InputList AuditNonHmacResponseKeys private InputList? _cassandras; /// - /// A nested block containing configuration options for Cassandra connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* /// public InputList Cassandras { @@ -854,8 +817,7 @@ public InputList Cassandras private InputList? _couchbases; /// - /// A nested block containing configuration options for Couchbase connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* /// public InputList Couchbases { @@ -891,8 +853,7 @@ public InputList DelegatedAuthAccessors private InputList? _elasticsearches; /// - /// A nested block containing configuration options for Elasticsearch connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* /// public InputList Elasticsearches { @@ -916,8 +877,7 @@ public InputList Elasticsearches private InputList? _hanas; /// - /// A nested block containing configuration options for SAP HanaDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* /// public InputList Hanas { @@ -935,8 +895,7 @@ public InputList Hanas private InputList? _influxdbs; /// - /// A nested block containing configuration options for InfluxDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* /// public InputList Influxdbs { @@ -966,8 +925,7 @@ public InputList Influxdbs private InputList? _mongodbatlas; /// - /// A nested block containing configuration options for MongoDB Atlas connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* /// public InputList Mongodbatlas { @@ -979,8 +937,7 @@ public InputList Mongodbatlas private InputList? _mongodbs; /// - /// A nested block containing configuration options for MongoDB connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* /// public InputList Mongodbs { @@ -992,8 +949,7 @@ public InputList Mongodbs private InputList? _mssqls; /// - /// A nested block containing configuration options for MSSQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* /// public InputList Mssqls { @@ -1005,8 +961,7 @@ public InputList Mssqls private InputList? _mysqlAuroras; /// - /// A nested block containing configuration options for Aurora MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* /// public InputList MysqlAuroras { @@ -1018,8 +973,7 @@ public InputList MysqlAuroras private InputList? _mysqlLegacies; /// - /// A nested block containing configuration options for legacy MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* /// public InputList MysqlLegacies { @@ -1031,8 +985,7 @@ public InputList MysqlLegacies private InputList? _mysqlRds; /// - /// A nested block containing configuration options for RDS MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* /// public InputList MysqlRds { @@ -1044,8 +997,7 @@ public InputList MysqlRds private InputList? _mysqls; /// - /// A nested block containing configuration options for MySQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* /// public InputList Mysqls { @@ -1075,8 +1027,7 @@ public InputMap Options private InputList? _oracles; /// - /// A nested block containing configuration options for Oracle connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* /// public InputList Oracles { @@ -1112,8 +1063,7 @@ public InputList PassthroughRequestHeaders private InputList? _postgresqls; /// - /// A nested block containing configuration options for PostgreSQL connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* /// public InputList Postgresqls { @@ -1125,8 +1075,7 @@ public InputList Postgresqls private InputList? _redis; /// - /// A nested block containing configuration options for Redis connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Redis connections.*See Configuration Options for more info* /// public InputList Redis { @@ -1138,8 +1087,7 @@ public InputList Redis private InputList? _redisElasticaches; /// - /// A nested block containing configuration options for Redis ElastiCache connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* /// public InputList RedisElasticaches { @@ -1151,8 +1099,7 @@ public InputList RedisElasticaches private InputList? _redshifts; /// - /// A nested block containing configuration options for AWS Redshift connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* /// public InputList Redshifts { @@ -1170,8 +1117,7 @@ public InputList Redshifts private InputList? _snowflakes; /// - /// A nested block containing configuration options for Snowflake connections. - /// *See Configuration Options for more info* + /// A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* /// public InputList Snowflakes { diff --git a/sdk/dotnet/Gcp/Inputs/AuthBackendTuneArgs.cs b/sdk/dotnet/Gcp/Inputs/AuthBackendTuneArgs.cs index 3d8fcf654..854bd8649 100644 --- a/sdk/dotnet/Gcp/Inputs/AuthBackendTuneArgs.cs +++ b/sdk/dotnet/Gcp/Inputs/AuthBackendTuneArgs.cs @@ -91,7 +91,6 @@ public InputList PassthroughRequestHeaders /// Specifies the type of tokens that should be returned by /// the mount. Valid values are "default-service", "default-batch", "service", "batch". /// - /// /// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). /// [Input("tokenType")] diff --git a/sdk/dotnet/Gcp/Inputs/AuthBackendTuneGetArgs.cs b/sdk/dotnet/Gcp/Inputs/AuthBackendTuneGetArgs.cs index fdba1280c..aec27473f 100644 --- a/sdk/dotnet/Gcp/Inputs/AuthBackendTuneGetArgs.cs +++ b/sdk/dotnet/Gcp/Inputs/AuthBackendTuneGetArgs.cs @@ -91,7 +91,6 @@ public InputList PassthroughRequestHeaders /// Specifies the type of tokens that should be returned by /// the mount. Valid values are "default-service", "default-batch", "service", "batch". /// - /// /// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). /// [Input("tokenType")] diff --git a/sdk/dotnet/Gcp/Outputs/AuthBackendTune.cs b/sdk/dotnet/Gcp/Outputs/AuthBackendTune.cs index 33a6c2029..a961d1ede 100644 --- a/sdk/dotnet/Gcp/Outputs/AuthBackendTune.cs +++ b/sdk/dotnet/Gcp/Outputs/AuthBackendTune.cs @@ -54,7 +54,6 @@ public sealed class AuthBackendTune /// Specifies the type of tokens that should be returned by /// the mount. Valid values are "default-service", "default-batch", "service", "batch". /// - /// /// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). /// public readonly string? TokenType; diff --git a/sdk/dotnet/Generic/GetSecret.cs b/sdk/dotnet/Generic/GetSecret.cs index a6ee9b94c..fc63a7584 100644 --- a/sdk/dotnet/Generic/GetSecret.cs +++ b/sdk/dotnet/Generic/GetSecret.cs @@ -32,7 +32,7 @@ public static class GetSecret /// }); /// ``` /// - /// ### KV + /// ### KV /// /// For this example, consider `example` as a path for a KV engine. /// @@ -88,7 +88,7 @@ public static Task InvokeAsync(GetSecretArgs args, InvokeOption /// }); /// ``` /// - /// ### KV + /// ### KV /// /// For this example, consider `example` as a path for a KV engine. /// diff --git a/sdk/dotnet/GetNomadAccessToken.cs b/sdk/dotnet/GetNomadAccessToken.cs index a3bfc2fcb..5c1940250 100644 --- a/sdk/dotnet/GetNomadAccessToken.cs +++ b/sdk/dotnet/GetNomadAccessToken.cs @@ -168,7 +168,7 @@ public GetNomadAccessTokenInvokeArgs() public sealed class GetNomadAccessTokenResult { /// - /// The public identifier for a specific token. It can be used + /// The public identifier for a specific token. It can be used /// to look up information about a token or to revoke a token. /// public readonly string AccessorId; diff --git a/sdk/dotnet/Identity/GetOidcOpenidConfig.cs b/sdk/dotnet/Identity/GetOidcOpenidConfig.cs index e4e6404a1..aeb663163 100644 --- a/sdk/dotnet/Identity/GetOidcOpenidConfig.cs +++ b/sdk/dotnet/Identity/GetOidcOpenidConfig.cs @@ -188,7 +188,7 @@ public sealed class GetOidcOpenidConfigResult /// public readonly string Id; /// - /// The signing algorithms supported by + /// The signing algorithms supported by /// the provider. /// public readonly ImmutableArray IdTokenSigningAlgValuesSupporteds; @@ -203,7 +203,7 @@ public sealed class GetOidcOpenidConfigResult public readonly string Name; public readonly string? Namespace; /// - /// Specifies whether Request URI Parameter is + /// Specifies whether Request URI Parameter is /// supported by the provider. /// public readonly bool RequestUriParameterSupported; diff --git a/sdk/dotnet/Identity/GetOidcPublicKeys.cs b/sdk/dotnet/Identity/GetOidcPublicKeys.cs index 7d27b4df9..a87ec64b1 100644 --- a/sdk/dotnet/Identity/GetOidcPublicKeys.cs +++ b/sdk/dotnet/Identity/GetOidcPublicKeys.cs @@ -180,7 +180,7 @@ public sealed class GetOidcPublicKeysResult /// public readonly string Id; /// - /// The public portion of keys for an OIDC provider. + /// The public portion of keys for an OIDC provider. /// Clients can use them to validate the authenticity of an identity token. /// public readonly ImmutableArray> Keys; diff --git a/sdk/dotnet/Identity/GroupMemberGroupIds.cs b/sdk/dotnet/Identity/GroupMemberGroupIds.cs index 033e248c1..d923f28b9 100644 --- a/sdk/dotnet/Identity/GroupMemberGroupIds.cs +++ b/sdk/dotnet/Identity/GroupMemberGroupIds.cs @@ -10,6 +10,15 @@ namespace Pulumi.Vault.Identity { /// + /// layout: "vault" + /// page_title: "Vault: vault.identity.GroupMemberGroupIds resource" + /// sidebar_current: "docs-vault-resource-identity-group-member-group-ids" + /// description: |- + /// Manages member groups for an Identity Group for Vault. + /// <!-- yaml: line 6: could not find expected ':' --> + /// + /// # vault\_identity\_group\_member\_group\_ids + /// /// Manages member groups for an Identity Group for Vault. The /// [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) /// is the identity management solution for Vault. diff --git a/sdk/dotnet/Identity/OidcClient.cs b/sdk/dotnet/Identity/OidcClient.cs index 81f20117a..873f39406 100644 --- a/sdk/dotnet/Identity/OidcClient.cs +++ b/sdk/dotnet/Identity/OidcClient.cs @@ -100,7 +100,7 @@ public partial class OidcClient : global::Pulumi.CustomResource public Output ClientType { get; private set; } = null!; /// - /// The time-to-live for ID tokens obtained by the client. + /// The time-to-live for ID tokens obtained by the client. /// The value should be less than the `verification_ttl` on the key. /// [Output("idTokenTtl")] @@ -130,7 +130,7 @@ public partial class OidcClient : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// Redirection URI values used by the client. + /// Redirection URI values used by the client. /// One of these values must exactly match the `redirect_uri` parameter value /// used in each authentication request. /// @@ -213,7 +213,7 @@ public InputList Assignments public Input? ClientType { get; set; } /// - /// The time-to-live for ID tokens obtained by the client. + /// The time-to-live for ID tokens obtained by the client. /// The value should be less than the `verification_ttl` on the key. /// [Input("idTokenTtl")] @@ -246,7 +246,7 @@ public InputList Assignments private InputList? _redirectUris; /// - /// Redirection URI values used by the client. + /// Redirection URI values used by the client. /// One of these values must exactly match the `redirect_uri` parameter value /// used in each authentication request. /// @@ -313,7 +313,7 @@ public Input? ClientSecret public Input? ClientType { get; set; } /// - /// The time-to-live for ID tokens obtained by the client. + /// The time-to-live for ID tokens obtained by the client. /// The value should be less than the `verification_ttl` on the key. /// [Input("idTokenTtl")] @@ -346,7 +346,7 @@ public Input? ClientSecret private InputList? _redirectUris; /// - /// Redirection URI values used by the client. + /// Redirection URI values used by the client. /// One of these values must exactly match the `redirect_uri` parameter value /// used in each authentication request. /// diff --git a/sdk/dotnet/Identity/OidcProvider.cs b/sdk/dotnet/Identity/OidcProvider.cs index b28eed62a..1b4f397da 100644 --- a/sdk/dotnet/Identity/OidcProvider.cs +++ b/sdk/dotnet/Identity/OidcProvider.cs @@ -106,7 +106,7 @@ namespace Pulumi.Vault.Identity public partial class OidcProvider : global::Pulumi.CustomResource { /// - /// The client IDs that are permitted to use the provider. + /// The client IDs that are permitted to use the provider. /// If empty, no clients are allowed. If `*`, all clients are allowed. /// [Output("allowedClientIds")] @@ -203,7 +203,7 @@ public sealed class OidcProviderArgs : global::Pulumi.ResourceArgs private InputList? _allowedClientIds; /// - /// The client IDs that are permitted to use the provider. + /// The client IDs that are permitted to use the provider. /// If empty, no clients are allowed. If `*`, all clients are allowed. /// public InputList AllowedClientIds @@ -263,7 +263,7 @@ public sealed class OidcProviderState : global::Pulumi.ResourceArgs private InputList? _allowedClientIds; /// - /// The client IDs that are permitted to use the provider. + /// The client IDs that are permitted to use the provider. /// If empty, no clients are allowed. If `*`, all clients are allowed. /// public InputList AllowedClientIds diff --git a/sdk/dotnet/Jwt/AuthBackendRole.cs b/sdk/dotnet/Jwt/AuthBackendRole.cs index 68ab988b6..8fbd99576 100644 --- a/sdk/dotnet/Jwt/AuthBackendRole.cs +++ b/sdk/dotnet/Jwt/AuthBackendRole.cs @@ -187,7 +187,7 @@ public partial class AuthBackendRole : global::Pulumi.CustomResource public Output GroupsClaim { get; private set; } = null!; /// - /// Specifies the allowable elapsed time in seconds since the last time + /// Specifies the allowable elapsed time in seconds since the last time /// the user was actively authenticated with the OIDC provider. /// [Output("maxAge")] @@ -461,7 +461,7 @@ public InputMap ClaimMappings public Input? GroupsClaim { get; set; } /// - /// Specifies the allowable elapsed time in seconds since the last time + /// Specifies the allowable elapsed time in seconds since the last time /// the user was actively authenticated with the OIDC provider. /// [Input("maxAge")] @@ -715,7 +715,7 @@ public InputMap ClaimMappings public Input? GroupsClaim { get; set; } /// - /// Specifies the allowable elapsed time in seconds since the last time + /// Specifies the allowable elapsed time in seconds since the last time /// the user was actively authenticated with the OIDC provider. /// [Input("maxAge")] diff --git a/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs b/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs index f71b4b230..778a98c39 100644 --- a/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs +++ b/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs @@ -148,21 +148,21 @@ public static Output Invoke(GetServiceAccountToken public sealed class GetServiceAccountTokenArgs : global::Pulumi.InvokeArgs { /// - /// The Kubernetes secret backend to generate service account + /// The Kubernetes secret backend to generate service account /// tokens from. /// [Input("backend", required: true)] public string Backend { get; set; } = null!; /// - /// If true, generate a ClusterRoleBinding to grant + /// If true, generate a ClusterRoleBinding to grant /// permissions across the whole cluster instead of within a namespace. /// [Input("clusterRoleBinding")] public bool? ClusterRoleBinding { get; set; } /// - /// The name of the Kubernetes namespace in which to + /// The name of the Kubernetes namespace in which to /// generate the credentials. /// [Input("kubernetesNamespace", required: true)] @@ -178,14 +178,14 @@ public sealed class GetServiceAccountTokenArgs : global::Pulumi.InvokeArgs public string? Namespace { get; set; } /// - /// The name of the Kubernetes secret backend role to generate service + /// The name of the Kubernetes secret backend role to generate service /// account tokens from. /// [Input("role", required: true)] public string Role { get; set; } = null!; /// - /// The TTL of the generated Kubernetes service account token, specified in + /// The TTL of the generated Kubernetes service account token, specified in /// seconds or as a Go duration format string. /// [Input("ttl")] @@ -200,21 +200,21 @@ public GetServiceAccountTokenArgs() public sealed class GetServiceAccountTokenInvokeArgs : global::Pulumi.InvokeArgs { /// - /// The Kubernetes secret backend to generate service account + /// The Kubernetes secret backend to generate service account /// tokens from. /// [Input("backend", required: true)] public Input Backend { get; set; } = null!; /// - /// If true, generate a ClusterRoleBinding to grant + /// If true, generate a ClusterRoleBinding to grant /// permissions across the whole cluster instead of within a namespace. /// [Input("clusterRoleBinding")] public Input? ClusterRoleBinding { get; set; } /// - /// The name of the Kubernetes namespace in which to + /// The name of the Kubernetes namespace in which to /// generate the credentials. /// [Input("kubernetesNamespace", required: true)] @@ -230,14 +230,14 @@ public sealed class GetServiceAccountTokenInvokeArgs : global::Pulumi.InvokeArgs public Input? Namespace { get; set; } /// - /// The name of the Kubernetes secret backend role to generate service + /// The name of the Kubernetes secret backend role to generate service /// account tokens from. /// [Input("role", required: true)] public Input Role { get; set; } = null!; /// - /// The TTL of the generated Kubernetes service account token, specified in + /// The TTL of the generated Kubernetes service account token, specified in /// seconds or as a Go duration format string. /// [Input("ttl")] diff --git a/sdk/dotnet/Kubernetes/SecretBackend.cs b/sdk/dotnet/Kubernetes/SecretBackend.cs index 998389697..159bfd1d5 100644 --- a/sdk/dotnet/Kubernetes/SecretBackend.cs +++ b/sdk/dotnet/Kubernetes/SecretBackend.cs @@ -102,7 +102,7 @@ public partial class SecretBackend : global::Pulumi.CustomResource public Output Description { get; private set; } = null!; /// - /// Disable defaulting to the local CA certificate and + /// Disable defaulting to the local CA certificate and /// service account JWT when Vault is running in a Kubernetes pod. /// [Output("disableLocalCaJwt")] @@ -121,7 +121,7 @@ public partial class SecretBackend : global::Pulumi.CustomResource public Output IdentityTokenKey { get; private set; } = null!; /// - /// A PEM-encoded CA certificate used by the + /// A PEM-encoded CA certificate used by the /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local /// pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where /// Vault is running. @@ -130,7 +130,7 @@ public partial class SecretBackend : global::Pulumi.CustomResource public Output KubernetesCaCert { get; private set; } = null!; /// - /// The Kubernetes API URL to connect to. Required if the + /// The Kubernetes API URL to connect to. Required if the /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` /// are not set on the host that Vault is running on. /// @@ -325,7 +325,7 @@ public InputList DelegatedAuthAccessors public Input? Description { get; set; } /// - /// Disable defaulting to the local CA certificate and + /// Disable defaulting to the local CA certificate and /// service account JWT when Vault is running in a Kubernetes pod. /// [Input("disableLocalCaJwt")] @@ -344,7 +344,7 @@ public InputList DelegatedAuthAccessors public Input? IdentityTokenKey { get; set; } /// - /// A PEM-encoded CA certificate used by the + /// A PEM-encoded CA certificate used by the /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local /// pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where /// Vault is running. @@ -353,7 +353,7 @@ public InputList DelegatedAuthAccessors public Input? KubernetesCaCert { get; set; } /// - /// The Kubernetes API URL to connect to. Required if the + /// The Kubernetes API URL to connect to. Required if the /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` /// are not set on the host that Vault is running on. /// @@ -534,7 +534,7 @@ public InputList DelegatedAuthAccessors public Input? Description { get; set; } /// - /// Disable defaulting to the local CA certificate and + /// Disable defaulting to the local CA certificate and /// service account JWT when Vault is running in a Kubernetes pod. /// [Input("disableLocalCaJwt")] @@ -553,7 +553,7 @@ public InputList DelegatedAuthAccessors public Input? IdentityTokenKey { get; set; } /// - /// A PEM-encoded CA certificate used by the + /// A PEM-encoded CA certificate used by the /// secrets engine to verify the Kubernetes API server certificate. Defaults to the local /// pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where /// Vault is running. @@ -562,7 +562,7 @@ public InputList DelegatedAuthAccessors public Input? KubernetesCaCert { get; set; } /// - /// The Kubernetes API URL to connect to. Required if the + /// The Kubernetes API URL to connect to. Required if the /// standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT` /// are not set on the host that Vault is running on. /// diff --git a/sdk/dotnet/Kubernetes/SecretBackendRole.cs b/sdk/dotnet/Kubernetes/SecretBackendRole.cs index b8863a1de..39f3203d6 100644 --- a/sdk/dotnet/Kubernetes/SecretBackendRole.cs +++ b/sdk/dotnet/Kubernetes/SecretBackendRole.cs @@ -190,7 +190,7 @@ namespace Pulumi.Vault.Kubernetes public partial class SecretBackendRole : global::Pulumi.CustomResource { /// - /// A label selector for Kubernetes namespaces + /// A label selector for Kubernetes namespaces /// in which credentials can be generated. Accepts either a JSON or YAML object. The value should be /// of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta). /// If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed. @@ -199,7 +199,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output AllowedKubernetesNamespaceSelector { get; private set; } = null!; /// - /// The list of Kubernetes namespaces this role + /// The list of Kubernetes namespaces this role /// can generate credentials for. If set to `*` all namespaces are allowed. If set with /// `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed. /// @@ -214,14 +214,14 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output Backend { get; private set; } = null!; /// - /// Additional annotations to apply to all generated + /// Additional annotations to apply to all generated /// Kubernetes objects. /// [Output("extraAnnotations")] public Output?> ExtraAnnotations { get; private set; } = null!; /// - /// Additional labels to apply to all generated Kubernetes + /// Additional labels to apply to all generated Kubernetes /// objects. /// /// This resource also directly accepts all vault.Mount fields. @@ -230,7 +230,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output?> ExtraLabels { get; private set; } = null!; /// - /// The Role or ClusterRole rules to use when generating + /// The Role or ClusterRole rules to use when generating /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated /// when credentials are requested. @@ -239,7 +239,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output GeneratedRoleRules { get; private set; } = null!; /// - /// The pre-existing Role or ClusterRole to bind a + /// The pre-existing Role or ClusterRole to bind a /// generated service account to. Mutually exclusive with `service_account_name` and /// `generated_role_rules`. If set, Kubernetes token, service account, and role /// binding objects will be created when credentials are requested. @@ -248,7 +248,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output KubernetesRoleName { get; private set; } = null!; /// - /// Specifies whether the Kubernetes role is a Role or + /// Specifies whether the Kubernetes role is a Role or /// ClusterRole. /// [Output("kubernetesRoleType")] @@ -261,7 +261,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output Name { get; private set; } = null!; /// - /// The name template to use when generating service accounts, + /// The name template to use when generating service accounts, /// roles and role bindings. If unset, a default template is used. /// [Output("nameTemplate")] @@ -343,7 +343,7 @@ public static SecretBackendRole Get(string name, Input id, SecretBackend public sealed class SecretBackendRoleArgs : global::Pulumi.ResourceArgs { /// - /// A label selector for Kubernetes namespaces + /// A label selector for Kubernetes namespaces /// in which credentials can be generated. Accepts either a JSON or YAML object. The value should be /// of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta). /// If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed. @@ -355,7 +355,7 @@ public sealed class SecretBackendRoleArgs : global::Pulumi.ResourceArgs private InputList? _allowedKubernetesNamespaces; /// - /// The list of Kubernetes namespaces this role + /// The list of Kubernetes namespaces this role /// can generate credentials for. If set to `*` all namespaces are allowed. If set with /// `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed. /// @@ -376,7 +376,7 @@ public InputList AllowedKubernetesNamespaces private InputMap? _extraAnnotations; /// - /// Additional annotations to apply to all generated + /// Additional annotations to apply to all generated /// Kubernetes objects. /// public InputMap ExtraAnnotations @@ -389,7 +389,7 @@ public InputMap ExtraAnnotations private InputMap? _extraLabels; /// - /// Additional labels to apply to all generated Kubernetes + /// Additional labels to apply to all generated Kubernetes /// objects. /// /// This resource also directly accepts all vault.Mount fields. @@ -401,7 +401,7 @@ public InputMap ExtraLabels } /// - /// The Role or ClusterRole rules to use when generating + /// The Role or ClusterRole rules to use when generating /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated /// when credentials are requested. @@ -410,7 +410,7 @@ public InputMap ExtraLabels public Input? GeneratedRoleRules { get; set; } /// - /// The pre-existing Role or ClusterRole to bind a + /// The pre-existing Role or ClusterRole to bind a /// generated service account to. Mutually exclusive with `service_account_name` and /// `generated_role_rules`. If set, Kubernetes token, service account, and role /// binding objects will be created when credentials are requested. @@ -419,7 +419,7 @@ public InputMap ExtraLabels public Input? KubernetesRoleName { get; set; } /// - /// Specifies whether the Kubernetes role is a Role or + /// Specifies whether the Kubernetes role is a Role or /// ClusterRole. /// [Input("kubernetesRoleType")] @@ -432,7 +432,7 @@ public InputMap ExtraLabels public Input? Name { get; set; } /// - /// The name template to use when generating service accounts, + /// The name template to use when generating service accounts, /// roles and role bindings. If unset, a default template is used. /// [Input("nameTemplate")] @@ -476,7 +476,7 @@ public SecretBackendRoleArgs() public sealed class SecretBackendRoleState : global::Pulumi.ResourceArgs { /// - /// A label selector for Kubernetes namespaces + /// A label selector for Kubernetes namespaces /// in which credentials can be generated. Accepts either a JSON or YAML object. The value should be /// of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta). /// If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed. @@ -488,7 +488,7 @@ public sealed class SecretBackendRoleState : global::Pulumi.ResourceArgs private InputList? _allowedKubernetesNamespaces; /// - /// The list of Kubernetes namespaces this role + /// The list of Kubernetes namespaces this role /// can generate credentials for. If set to `*` all namespaces are allowed. If set with /// `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed. /// @@ -509,7 +509,7 @@ public InputList AllowedKubernetesNamespaces private InputMap? _extraAnnotations; /// - /// Additional annotations to apply to all generated + /// Additional annotations to apply to all generated /// Kubernetes objects. /// public InputMap ExtraAnnotations @@ -522,7 +522,7 @@ public InputMap ExtraAnnotations private InputMap? _extraLabels; /// - /// Additional labels to apply to all generated Kubernetes + /// Additional labels to apply to all generated Kubernetes /// objects. /// /// This resource also directly accepts all vault.Mount fields. @@ -534,7 +534,7 @@ public InputMap ExtraLabels } /// - /// The Role or ClusterRole rules to use when generating + /// The Role or ClusterRole rules to use when generating /// a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` /// and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated /// when credentials are requested. @@ -543,7 +543,7 @@ public InputMap ExtraLabels public Input? GeneratedRoleRules { get; set; } /// - /// The pre-existing Role or ClusterRole to bind a + /// The pre-existing Role or ClusterRole to bind a /// generated service account to. Mutually exclusive with `service_account_name` and /// `generated_role_rules`. If set, Kubernetes token, service account, and role /// binding objects will be created when credentials are requested. @@ -552,7 +552,7 @@ public InputMap ExtraLabels public Input? KubernetesRoleName { get; set; } /// - /// Specifies whether the Kubernetes role is a Role or + /// Specifies whether the Kubernetes role is a Role or /// ClusterRole. /// [Input("kubernetesRoleType")] @@ -565,7 +565,7 @@ public InputMap ExtraLabels public Input? Name { get; set; } /// - /// The name template to use when generating service accounts, + /// The name template to use when generating service accounts, /// roles and role bindings. If unset, a default template is used. /// [Input("nameTemplate")] diff --git a/sdk/dotnet/MfaOkta.cs b/sdk/dotnet/MfaOkta.cs index 27615c784..17cf36fa1 100644 --- a/sdk/dotnet/MfaOkta.cs +++ b/sdk/dotnet/MfaOkta.cs @@ -60,14 +60,14 @@ public partial class MfaOkta : global::Pulumi.CustomResource public Output ApiToken { get; private set; } = null!; /// - /// `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, + /// `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, /// `oktapreview.com`, and `okta-emea.com`. /// [Output("baseUrl")] public Output BaseUrl { get; private set; } = null!; /// - /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. + /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. /// The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. /// [Output("mountAccessor")] @@ -95,14 +95,14 @@ public partial class MfaOkta : global::Pulumi.CustomResource public Output OrgName { get; private set; } = null!; /// - /// `(string: <required>)` - If set to true, the username will only match the + /// `(string: <required>)` - If set to true, the username will only match the /// primary email for the account. /// [Output("primaryEmail")] public Output PrimaryEmail { get; private set; } = null!; /// - /// `(string)` - A format string for mapping Identity names to MFA method names. + /// `(string)` - A format string for mapping Identity names to MFA method names. /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter @@ -180,14 +180,14 @@ public Input? ApiToken } /// - /// `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, + /// `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, /// `oktapreview.com`, and `okta-emea.com`. /// [Input("baseUrl")] public Input? BaseUrl { get; set; } /// - /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. + /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. /// The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. /// [Input("mountAccessor", required: true)] @@ -215,14 +215,14 @@ public Input? ApiToken public Input OrgName { get; set; } = null!; /// - /// `(string: <required>)` - If set to true, the username will only match the + /// `(string: <required>)` - If set to true, the username will only match the /// primary email for the account. /// [Input("primaryEmail")] public Input? PrimaryEmail { get; set; } /// - /// `(string)` - A format string for mapping Identity names to MFA method names. + /// `(string)` - A format string for mapping Identity names to MFA method names. /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter @@ -258,14 +258,14 @@ public Input? ApiToken } /// - /// `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, + /// `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, /// `oktapreview.com`, and `okta-emea.com`. /// [Input("baseUrl")] public Input? BaseUrl { get; set; } /// - /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. + /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. /// The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. /// [Input("mountAccessor")] @@ -293,14 +293,14 @@ public Input? ApiToken public Input? OrgName { get; set; } /// - /// `(string: <required>)` - If set to true, the username will only match the + /// `(string: <required>)` - If set to true, the username will only match the /// primary email for the account. /// [Input("primaryEmail")] public Input? PrimaryEmail { get; set; } /// - /// `(string)` - A format string for mapping Identity names to MFA method names. + /// `(string)` - A format string for mapping Identity names to MFA method names. /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter diff --git a/sdk/dotnet/MfaPingid.cs b/sdk/dotnet/MfaPingid.cs index 327ba066c..d83d8fa36 100644 --- a/sdk/dotnet/MfaPingid.cs +++ b/sdk/dotnet/MfaPingid.cs @@ -73,7 +73,7 @@ public partial class MfaPingid : global::Pulumi.CustomResource public Output IdpUrl { get; private set; } = null!; /// - /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. + /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. /// The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. /// [Output("mountAccessor")] @@ -126,7 +126,7 @@ public partial class MfaPingid : global::Pulumi.CustomResource public Output UseSignature { get; private set; } = null!; /// - /// `(string)` - A format string for mapping Identity names to MFA method names. + /// `(string)` - A format string for mapping Identity names to MFA method names. /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter @@ -184,7 +184,7 @@ public static MfaPingid Get(string name, Input id, MfaPingidState? state public sealed class MfaPingidArgs : global::Pulumi.ResourceArgs { /// - /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. + /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. /// The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. /// [Input("mountAccessor", required: true)] @@ -213,7 +213,7 @@ public sealed class MfaPingidArgs : global::Pulumi.ResourceArgs public Input SettingsFileBase64 { get; set; } = null!; /// - /// `(string)` - A format string for mapping Identity names to MFA method names. + /// `(string)` - A format string for mapping Identity names to MFA method names. /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter @@ -251,7 +251,7 @@ public sealed class MfaPingidState : global::Pulumi.ResourceArgs public Input? IdpUrl { get; set; } /// - /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. + /// `(string: <required>)` - The mount to tie this method to for use in automatic mappings. /// The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. /// [Input("mountAccessor")] @@ -304,7 +304,7 @@ public sealed class MfaPingidState : global::Pulumi.ResourceArgs public Input? UseSignature { get; set; } /// - /// `(string)` - A format string for mapping Identity names to MFA method names. + /// `(string)` - A format string for mapping Identity names to MFA method names. /// Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. /// If blank, the Alias's Name field will be used as-is. Currently-supported mappings: /// - alias.name: The name returned by the mount configured via the `mount_accessor` parameter diff --git a/sdk/dotnet/MongoDBAtlas/SecretRole.cs b/sdk/dotnet/MongoDBAtlas/SecretRole.cs index 77dd3d356..39220b267 100644 --- a/sdk/dotnet/MongoDBAtlas/SecretRole.cs +++ b/sdk/dotnet/MongoDBAtlas/SecretRole.cs @@ -109,7 +109,7 @@ public partial class SecretRole : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// Unique identifier for the organization to which the target API Key belongs. + /// Unique identifier for the organization to which the target API Key belongs. /// Required if `project_id` is not set. /// [Output("organizationId")] @@ -238,7 +238,7 @@ public InputList IpAddresses public Input? Namespace { get; set; } /// - /// Unique identifier for the organization to which the target API Key belongs. + /// Unique identifier for the organization to which the target API Key belongs. /// Required if `project_id` is not set. /// [Input("organizationId")] @@ -341,7 +341,7 @@ public InputList IpAddresses public Input? Namespace { get; set; } /// - /// Unique identifier for the organization to which the target API Key belongs. + /// Unique identifier for the organization to which the target API Key belongs. /// Required if `project_id` is not set. /// [Input("organizationId")] diff --git a/sdk/dotnet/NomadSecretRole.cs b/sdk/dotnet/NomadSecretRole.cs index 9da44b4c6..81f6bcbe6 100644 --- a/sdk/dotnet/NomadSecretRole.cs +++ b/sdk/dotnet/NomadSecretRole.cs @@ -62,7 +62,7 @@ public partial class NomadSecretRole : global::Pulumi.CustomResource public Output Backend { get; private set; } = null!; /// - /// Specifies if the generated token should be global. Defaults to + /// Specifies if the generated token should be global. Defaults to /// false. /// [Output("global")] @@ -78,7 +78,7 @@ public partial class NomadSecretRole : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// List of policies attached to the generated token. This setting is only used + /// List of policies attached to the generated token. This setting is only used /// when `type` is 'client'. /// [Output("policies")] @@ -92,7 +92,7 @@ public partial class NomadSecretRole : global::Pulumi.CustomResource public Output Role { get; private set; } = null!; /// - /// Specifies the type of token to create when using this role. Valid + /// Specifies the type of token to create when using this role. Valid /// settings are 'client' and 'management'. Defaults to 'client'. /// [Output("type")] @@ -151,7 +151,7 @@ public sealed class NomadSecretRoleArgs : global::Pulumi.ResourceArgs public Input Backend { get; set; } = null!; /// - /// Specifies if the generated token should be global. Defaults to + /// Specifies if the generated token should be global. Defaults to /// false. /// [Input("global")] @@ -170,7 +170,7 @@ public sealed class NomadSecretRoleArgs : global::Pulumi.ResourceArgs private InputList? _policies; /// - /// List of policies attached to the generated token. This setting is only used + /// List of policies attached to the generated token. This setting is only used /// when `type` is 'client'. /// public InputList Policies @@ -187,7 +187,7 @@ public InputList Policies public Input Role { get; set; } = null!; /// - /// Specifies the type of token to create when using this role. Valid + /// Specifies the type of token to create when using this role. Valid /// settings are 'client' and 'management'. Defaults to 'client'. /// [Input("type")] @@ -208,7 +208,7 @@ public sealed class NomadSecretRoleState : global::Pulumi.ResourceArgs public Input? Backend { get; set; } /// - /// Specifies if the generated token should be global. Defaults to + /// Specifies if the generated token should be global. Defaults to /// false. /// [Input("global")] @@ -227,7 +227,7 @@ public sealed class NomadSecretRoleState : global::Pulumi.ResourceArgs private InputList? _policies; /// - /// List of policies attached to the generated token. This setting is only used + /// List of policies attached to the generated token. This setting is only used /// when `type` is 'client'. /// public InputList Policies @@ -244,7 +244,7 @@ public InputList Policies public Input? Role { get; set; } /// - /// Specifies the type of token to create when using this role. Valid + /// Specifies the type of token to create when using this role. Valid /// settings are 'client' and 'management'. Defaults to 'client'. /// [Input("type")] diff --git a/sdk/dotnet/PkiSecret/GetBackendIssuer.cs b/sdk/dotnet/PkiSecret/GetBackendIssuer.cs index 20e1b15fc..5fbed9749 100644 --- a/sdk/dotnet/PkiSecret/GetBackendIssuer.cs +++ b/sdk/dotnet/PkiSecret/GetBackendIssuer.cs @@ -186,7 +186,7 @@ public sealed class GetBackendIssuerResult /// public readonly string LeafNotAfterBehavior; /// - /// Chain of issuer references to build this issuer's computed + /// Chain of issuer references to build this issuer's computed /// CAChain field from, when non-empty. /// public readonly ImmutableArray ManualChains; diff --git a/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs b/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs index 7dd1e0ff7..8a608040b 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs @@ -80,7 +80,7 @@ public partial class SecretBackendCrlConfig : global::Pulumi.CustomResource public Output Disable { get; private set; } = null!; /// - /// Enables building of delta CRLs with up-to-date revocation information, + /// Enables building of delta CRLs with up-to-date revocation information, /// augmenting the last complete CRL. **Vault 1.12+** /// [Output("enableDelta")] @@ -108,7 +108,7 @@ public partial class SecretBackendCrlConfig : global::Pulumi.CustomResource public Output OcspDisable { get; private set; } = null!; /// - /// The amount of time an OCSP response can be cached for, useful for OCSP stapling + /// The amount of time an OCSP response can be cached for, useful for OCSP stapling /// refresh durations. **Vault 1.12+** /// [Output("ocspExpiry")] @@ -210,7 +210,7 @@ public sealed class SecretBackendCrlConfigArgs : global::Pulumi.ResourceArgs public Input? Disable { get; set; } /// - /// Enables building of delta CRLs with up-to-date revocation information, + /// Enables building of delta CRLs with up-to-date revocation information, /// augmenting the last complete CRL. **Vault 1.12+** /// [Input("enableDelta")] @@ -238,7 +238,7 @@ public sealed class SecretBackendCrlConfigArgs : global::Pulumi.ResourceArgs public Input? OcspDisable { get; set; } /// - /// The amount of time an OCSP response can be cached for, useful for OCSP stapling + /// The amount of time an OCSP response can be cached for, useful for OCSP stapling /// refresh durations. **Vault 1.12+** /// [Input("ocspExpiry")] @@ -302,7 +302,7 @@ public sealed class SecretBackendCrlConfigState : global::Pulumi.ResourceArgs public Input? Disable { get; set; } /// - /// Enables building of delta CRLs with up-to-date revocation information, + /// Enables building of delta CRLs with up-to-date revocation information, /// augmenting the last complete CRL. **Vault 1.12+** /// [Input("enableDelta")] @@ -330,7 +330,7 @@ public sealed class SecretBackendCrlConfigState : global::Pulumi.ResourceArgs public Input? OcspDisable { get; set; } /// - /// The amount of time an OCSP response can be cached for, useful for OCSP stapling + /// The amount of time an OCSP response can be cached for, useful for OCSP stapling /// refresh durations. **Vault 1.12+** /// [Input("ocspExpiry")] diff --git a/sdk/dotnet/PkiSecret/SecretBackendKey.cs b/sdk/dotnet/PkiSecret/SecretBackendKey.cs index eddd2e47f..7fc0c1eb8 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendKey.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendKey.cs @@ -30,7 +30,7 @@ public partial class SecretBackendKey : global::Pulumi.CustomResource public Output Backend { get; private set; } = null!; /// - /// Specifies the number of bits to use for the generated keys. + /// Specifies the number of bits to use for the generated keys. /// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), /// 384, or 521; ignored with `key_type=ed25519`. @@ -45,7 +45,7 @@ public partial class SecretBackendKey : global::Pulumi.CustomResource public Output KeyId { get; private set; } = null!; /// - /// When a new key is created with this request, optionally specifies the name for this. + /// When a new key is created with this request, optionally specifies the name for this. /// The global ref `default` may not be used as a name. /// [Output("keyName")] @@ -137,7 +137,7 @@ public sealed class SecretBackendKeyArgs : global::Pulumi.ResourceArgs public Input Backend { get; set; } = null!; /// - /// Specifies the number of bits to use for the generated keys. + /// Specifies the number of bits to use for the generated keys. /// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), /// 384, or 521; ignored with `key_type=ed25519`. @@ -146,7 +146,7 @@ public sealed class SecretBackendKeyArgs : global::Pulumi.ResourceArgs public Input? KeyBits { get; set; } /// - /// When a new key is created with this request, optionally specifies the name for this. + /// When a new key is created with this request, optionally specifies the name for this. /// The global ref `default` may not be used as a name. /// [Input("keyName")] @@ -200,7 +200,7 @@ public sealed class SecretBackendKeyState : global::Pulumi.ResourceArgs public Input? Backend { get; set; } /// - /// Specifies the number of bits to use for the generated keys. + /// Specifies the number of bits to use for the generated keys. /// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: /// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), /// 384, or 521; ignored with `key_type=ed25519`. @@ -215,7 +215,7 @@ public sealed class SecretBackendKeyState : global::Pulumi.ResourceArgs public Input? KeyId { get; set; } /// - /// When a new key is created with this request, optionally specifies the name for this. + /// When a new key is created with this request, optionally specifies the name for this. /// The global ref `default` may not be used as a name. /// [Input("keyName")] diff --git a/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs b/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs index 82e5b8707..251e90e50 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs @@ -69,7 +69,7 @@ public partial class SecretBackendRootSignIntermediate : global::Pulumi.CustomRe public Output Certificate { get; private set; } = null!; /// - /// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). + /// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). /// Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats. /// [Output("certificateBundle")] @@ -484,7 +484,7 @@ public InputList CaChains public Input? Certificate { get; set; } /// - /// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). + /// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). /// Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats. /// [Input("certificateBundle")] diff --git a/sdk/dotnet/RaftAutopilot.cs b/sdk/dotnet/RaftAutopilot.cs index 1142d61a6..9e00e0c91 100644 --- a/sdk/dotnet/RaftAutopilot.cs +++ b/sdk/dotnet/RaftAutopilot.cs @@ -57,7 +57,7 @@ public partial class RaftAutopilot : global::Pulumi.CustomResource public Output CleanupDeadServers { get; private set; } = null!; /// - /// Limit the amount of time a + /// Limit the amount of time a /// server can go without leader contact before being considered failed. This only takes /// effect when `cleanup_dead_servers` is set. /// @@ -71,21 +71,21 @@ public partial class RaftAutopilot : global::Pulumi.CustomResource public Output DisableUpgradeMigration { get; private set; } = null!; /// - /// Limit the amount of time a server can go + /// Limit the amount of time a server can go /// without leader contact before being considered unhealthy. /// [Output("lastContactThreshold")] public Output LastContactThreshold { get; private set; } = null!; /// - /// Maximum number of log entries in the Raft log + /// Maximum number of log entries in the Raft log /// that a server can be behind its leader before being considered unhealthy. /// [Output("maxTrailingLogs")] public Output MaxTrailingLogs { get; private set; } = null!; /// - /// Minimum number of servers allowed in a cluster before + /// Minimum number of servers allowed in a cluster before /// autopilot can prune dead servers. This should at least be 3. Applicable only for /// voting nodes. /// @@ -102,7 +102,7 @@ public partial class RaftAutopilot : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// Minimum amount of time a server must be + /// Minimum amount of time a server must be /// stable in the 'healthy' state before being added to the cluster. /// [Output("serverStabilizationTime")] @@ -162,7 +162,7 @@ public sealed class RaftAutopilotArgs : global::Pulumi.ResourceArgs public Input? CleanupDeadServers { get; set; } /// - /// Limit the amount of time a + /// Limit the amount of time a /// server can go without leader contact before being considered failed. This only takes /// effect when `cleanup_dead_servers` is set. /// @@ -176,21 +176,21 @@ public sealed class RaftAutopilotArgs : global::Pulumi.ResourceArgs public Input? DisableUpgradeMigration { get; set; } /// - /// Limit the amount of time a server can go + /// Limit the amount of time a server can go /// without leader contact before being considered unhealthy. /// [Input("lastContactThreshold")] public Input? LastContactThreshold { get; set; } /// - /// Maximum number of log entries in the Raft log + /// Maximum number of log entries in the Raft log /// that a server can be behind its leader before being considered unhealthy. /// [Input("maxTrailingLogs")] public Input? MaxTrailingLogs { get; set; } /// - /// Minimum number of servers allowed in a cluster before + /// Minimum number of servers allowed in a cluster before /// autopilot can prune dead servers. This should at least be 3. Applicable only for /// voting nodes. /// @@ -207,7 +207,7 @@ public sealed class RaftAutopilotArgs : global::Pulumi.ResourceArgs public Input? Namespace { get; set; } /// - /// Minimum amount of time a server must be + /// Minimum amount of time a server must be /// stable in the 'healthy' state before being added to the cluster. /// [Input("serverStabilizationTime")] @@ -229,7 +229,7 @@ public sealed class RaftAutopilotState : global::Pulumi.ResourceArgs public Input? CleanupDeadServers { get; set; } /// - /// Limit the amount of time a + /// Limit the amount of time a /// server can go without leader contact before being considered failed. This only takes /// effect when `cleanup_dead_servers` is set. /// @@ -243,21 +243,21 @@ public sealed class RaftAutopilotState : global::Pulumi.ResourceArgs public Input? DisableUpgradeMigration { get; set; } /// - /// Limit the amount of time a server can go + /// Limit the amount of time a server can go /// without leader contact before being considered unhealthy. /// [Input("lastContactThreshold")] public Input? LastContactThreshold { get; set; } /// - /// Maximum number of log entries in the Raft log + /// Maximum number of log entries in the Raft log /// that a server can be behind its leader before being considered unhealthy. /// [Input("maxTrailingLogs")] public Input? MaxTrailingLogs { get; set; } /// - /// Minimum number of servers allowed in a cluster before + /// Minimum number of servers allowed in a cluster before /// autopilot can prune dead servers. This should at least be 3. Applicable only for /// voting nodes. /// @@ -274,7 +274,7 @@ public sealed class RaftAutopilotState : global::Pulumi.ResourceArgs public Input? Namespace { get; set; } /// - /// Minimum amount of time a server must be + /// Minimum amount of time a server must be /// stable in the 'healthy' state before being added to the cluster. /// [Input("serverStabilizationTime")] diff --git a/sdk/dotnet/RaftSnapshotAgentConfig.cs b/sdk/dotnet/RaftSnapshotAgentConfig.cs index 38c17b6ac..881761fbe 100644 --- a/sdk/dotnet/RaftSnapshotAgentConfig.cs +++ b/sdk/dotnet/RaftSnapshotAgentConfig.cs @@ -12,7 +12,7 @@ namespace Pulumi.Vault /// /// ## Example Usage /// - /// ### Local Storage + /// #### Local Storage /// ```csharp /// using System.Collections.Generic; /// using System.Linq; @@ -34,7 +34,7 @@ namespace Pulumi.Vault /// }); /// ``` /// - /// ### AWS S3 + /// #### AWS S3 /// ```csharp /// using System.Collections.Generic; /// using System.Linq; @@ -66,7 +66,7 @@ namespace Pulumi.Vault /// }); /// ``` /// - /// ### Azure BLOB + /// #### Azure BLOB /// /// ```csharp /// using System.Collections.Generic; diff --git a/sdk/dotnet/Saml/AuthBackend.cs b/sdk/dotnet/Saml/AuthBackend.cs index dfd1b2784..43650d9b9 100644 --- a/sdk/dotnet/Saml/AuthBackend.cs +++ b/sdk/dotnet/Saml/AuthBackend.cs @@ -10,6 +10,15 @@ namespace Pulumi.Vault.Saml { /// + /// layout: "vault" + /// page_title: "Vault: vault.saml.AuthBackend resource" + /// sidebar_current: "docs-vault-saml-auth-backend" + /// description: |- + /// Manages SAML Auth mounts in Vault. + /// <!-- yaml: line 6: could not find expected ':' --> + /// + /// # vault\_saml\_auth\_backend + /// /// Manages a SAML Auth mount in a Vault server. See the [Vault /// documentation](https://www.vaultproject.io/docs/auth/saml/) for more /// information. @@ -97,7 +106,7 @@ public partial class AuthBackend : global::Pulumi.CustomResource public Output IdpMetadataUrl { get; private set; } = null!; /// - /// The SSO URL of the identity provider. Mutually exclusive with + /// The SSO URL of the identity provider. Mutually exclusive with /// `idp_metadata_url`. /// [Output("idpSsoUrl")] @@ -226,7 +235,7 @@ public InputList AcsUrls public Input? IdpMetadataUrl { get; set; } /// - /// The SSO URL of the identity provider. Mutually exclusive with + /// The SSO URL of the identity provider. Mutually exclusive with /// `idp_metadata_url`. /// [Input("idpSsoUrl")] @@ -317,7 +326,7 @@ public InputList AcsUrls public Input? IdpMetadataUrl { get; set; } /// - /// The SSO URL of the identity provider. Mutually exclusive with + /// The SSO URL of the identity provider. Mutually exclusive with /// `idp_metadata_url`. /// [Input("idpSsoUrl")] diff --git a/sdk/dotnet/Saml/AuthBackendRole.cs b/sdk/dotnet/Saml/AuthBackendRole.cs index a8f4dd2a2..60958bce6 100644 --- a/sdk/dotnet/Saml/AuthBackendRole.cs +++ b/sdk/dotnet/Saml/AuthBackendRole.cs @@ -10,6 +10,15 @@ namespace Pulumi.Vault.Saml { /// + /// layout: "vault" + /// page_title: "Vault: vault.saml.AuthBackendRole resource" + /// sidebar_current: "docs-vault-resource-saml-auth-backend-role" + /// description: |- + /// Manages SAML auth backend roles in Vault. + /// <!-- yaml: line 6: could not find expected ':' --> + /// + /// # vault\_saml\_auth\_backend\_role + /// /// Manages an SAML auth backend role in a Vault server. See the [Vault /// documentation](https://www.vaultproject.io/docs/auth/saml.html) for more /// information. diff --git a/sdk/dotnet/Secrets/SyncAwsDestination.cs b/sdk/dotnet/Secrets/SyncAwsDestination.cs index 7ecdf5479..f4ace352e 100644 --- a/sdk/dotnet/Secrets/SyncAwsDestination.cs +++ b/sdk/dotnet/Secrets/SyncAwsDestination.cs @@ -74,7 +74,7 @@ public partial class SyncAwsDestination : global::Pulumi.CustomResource public Output ExternalId { get; private set; } = null!; /// - /// Determines what level of information is synced as a distinct resource + /// Determines what level of information is synced as a distinct resource /// at the destination. Supports `secret-path` and `secret-key`. /// [Output("granularity")] @@ -103,7 +103,7 @@ public partial class SyncAwsDestination : global::Pulumi.CustomResource public Output Region { get; private set; } = null!; /// - /// Specifies a role to assume when connecting to AWS. When assuming a role, + /// Specifies a role to assume when connecting to AWS. When assuming a role, /// Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must /// exist for Vault to be able to assume this role. The role can be in a different account. /// The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error. @@ -214,7 +214,7 @@ public InputMap CustomTags public Input? ExternalId { get; set; } /// - /// Determines what level of information is synced as a distinct resource + /// Determines what level of information is synced as a distinct resource /// at the destination. Supports `secret-path` and `secret-key`. /// [Input("granularity")] @@ -243,7 +243,7 @@ public InputMap CustomTags public Input? Region { get; set; } /// - /// Specifies a role to assume when connecting to AWS. When assuming a role, + /// Specifies a role to assume when connecting to AWS. When assuming a role, /// Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must /// exist for Vault to be able to assume this role. The role can be in a different account. /// The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error. @@ -316,7 +316,7 @@ public InputMap CustomTags public Input? ExternalId { get; set; } /// - /// Determines what level of information is synced as a distinct resource + /// Determines what level of information is synced as a distinct resource /// at the destination. Supports `secret-path` and `secret-key`. /// [Input("granularity")] @@ -345,7 +345,7 @@ public InputMap CustomTags public Input? Region { get; set; } /// - /// Specifies a role to assume when connecting to AWS. When assuming a role, + /// Specifies a role to assume when connecting to AWS. When assuming a role, /// Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must /// exist for Vault to be able to assume this role. The role can be in a different account. /// The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error. diff --git a/sdk/dotnet/Secrets/SyncGhDestination.cs b/sdk/dotnet/Secrets/SyncGhDestination.cs index c13fa6491..13a4391a6 100644 --- a/sdk/dotnet/Secrets/SyncGhDestination.cs +++ b/sdk/dotnet/Secrets/SyncGhDestination.cs @@ -52,8 +52,7 @@ public partial class SyncGhDestination : global::Pulumi.CustomResource public Output AccessToken { get; private set; } = null!; /// - /// The user-defined name of the GitHub App configuration. This is a reference to the name used - /// on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + /// The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. /// Takes precedence over the `access_token` field. /// [Output("appName")] @@ -67,7 +66,7 @@ public partial class SyncGhDestination : global::Pulumi.CustomResource public Output Granularity { get; private set; } = null!; /// - /// The ID of the installation generated by GitHub when the app referenced by the `app_name` + /// The ID of the installation generated by GitHub when the app referenced by the `app_name` /// was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided. /// [Output("installationId")] @@ -185,8 +184,7 @@ public Input? AccessToken } /// - /// The user-defined name of the GitHub App configuration. This is a reference to the name used - /// on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + /// The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. /// Takes precedence over the `access_token` field. /// [Input("appName")] @@ -200,7 +198,7 @@ public Input? AccessToken public Input? Granularity { get; set; } /// - /// The ID of the installation generated by GitHub when the app referenced by the `app_name` + /// The ID of the installation generated by GitHub when the app referenced by the `app_name` /// was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided. /// [Input("installationId")] @@ -270,8 +268,7 @@ public Input? AccessToken } /// - /// The user-defined name of the GitHub App configuration. This is a reference to the name used - /// on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + /// The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. /// Takes precedence over the `access_token` field. /// [Input("appName")] @@ -285,7 +282,7 @@ public Input? AccessToken public Input? Granularity { get; set; } /// - /// The ID of the installation generated by GitHub when the app referenced by the `app_name` + /// The ID of the installation generated by GitHub when the app referenced by the `app_name` /// was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided. /// [Input("installationId")] diff --git a/sdk/dotnet/Ssh/SecretBackendRole.cs b/sdk/dotnet/Ssh/SecretBackendRole.cs index cf5d006f0..ca263a9a5 100644 --- a/sdk/dotnet/Ssh/SecretBackendRole.cs +++ b/sdk/dotnet/Ssh/SecretBackendRole.cs @@ -122,9 +122,7 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource public Output AllowedExtensions { get; private set; } = null!; /// - /// Set of configuration blocks to define allowed - /// user key configuration, like key type and their lengths. Can be specified multiple times. - /// *See Configuration-Options for more info* + /// Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* /// [Output("allowedUserKeyConfigs")] public Output> AllowedUserKeyConfigs { get; private set; } = null!; @@ -333,9 +331,7 @@ public sealed class SecretBackendRoleArgs : global::Pulumi.ResourceArgs private InputList? _allowedUserKeyConfigs; /// - /// Set of configuration blocks to define allowed - /// user key configuration, like key type and their lengths. Can be specified multiple times. - /// *See Configuration-Options for more info* + /// Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* /// public InputList AllowedUserKeyConfigs { @@ -521,9 +517,7 @@ public sealed class SecretBackendRoleState : global::Pulumi.ResourceArgs private InputList? _allowedUserKeyConfigs; /// - /// Set of configuration blocks to define allowed - /// user key configuration, like key type and their lengths. Can be specified multiple times. - /// *See Configuration-Options for more info* + /// Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* /// public InputList AllowedUserKeyConfigs { diff --git a/sdk/dotnet/TerraformCloud/SecretCreds.cs b/sdk/dotnet/TerraformCloud/SecretCreds.cs index c227835d7..4455826a7 100644 --- a/sdk/dotnet/TerraformCloud/SecretCreds.cs +++ b/sdk/dotnet/TerraformCloud/SecretCreds.cs @@ -51,7 +51,7 @@ public partial class SecretCreds : global::Pulumi.CustomResource public Output Backend { get; private set; } = null!; /// - /// The lease associated with the token. Only user tokens will have a + /// The lease associated with the token. Only user tokens will have a /// Vault lease associated with them. /// [Output("leaseId")] @@ -92,7 +92,7 @@ public partial class SecretCreds : global::Pulumi.CustomResource public Output Token { get; private set; } = null!; /// - /// The public identifier for a specific token. It can be used + /// The public identifier for a specific token. It can be used /// to look up information about a token or to revoke a token. /// [Output("tokenId")] @@ -182,7 +182,7 @@ public sealed class SecretCredsState : global::Pulumi.ResourceArgs private Input? _leaseId; /// - /// The lease associated with the token. Only user tokens will have a + /// The lease associated with the token. Only user tokens will have a /// Vault lease associated with them. /// public Input? LeaseId @@ -240,7 +240,7 @@ public Input? Token } /// - /// The public identifier for a specific token. It can be used + /// The public identifier for a specific token. It can be used /// to look up information about a token or to revoke a token. /// [Input("tokenId")] diff --git a/sdk/dotnet/TokenAuth/AuthBackendRole.cs b/sdk/dotnet/TokenAuth/AuthBackendRole.cs index fa8757c85..463e9f813 100644 --- a/sdk/dotnet/TokenAuth/AuthBackendRole.cs +++ b/sdk/dotnet/TokenAuth/AuthBackendRole.cs @@ -108,8 +108,6 @@ public partial class AuthBackendRole : global::Pulumi.CustomResource /// /// Tokens created against this role will have the given suffix as part of their path in addition to the role name. - /// - /// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. /// [Output("pathSuffix")] public Output PathSuffix { get; private set; } = null!; @@ -303,8 +301,6 @@ public InputList DisallowedPoliciesGlobs /// /// Tokens created against this role will have the given suffix as part of their path in addition to the role name. - /// - /// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. /// [Input("pathSuffix")] public Input? PathSuffix { get; set; } @@ -472,8 +468,6 @@ public InputList DisallowedPoliciesGlobs /// /// Tokens created against this role will have the given suffix as part of their path in addition to the role name. - /// - /// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. /// [Input("pathSuffix")] public Input? PathSuffix { get; set; } diff --git a/sdk/dotnet/Transform/Template.cs b/sdk/dotnet/Transform/Template.cs index b7d899a0c..cd71627d0 100644 --- a/sdk/dotnet/Transform/Template.cs +++ b/sdk/dotnet/Transform/Template.cs @@ -15,7 +15,7 @@ namespace Pulumi.Vault.Transform /// It creates or updates a template with the given name. If a template with the name does not exist, /// it will be created. If the template exists, it will be updated with the new attributes. /// - /// > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. + /// > Requires *Vault Enterprise with the Advanced Data Protection Transform Module*. /// See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) /// for more information. /// diff --git a/sdk/dotnet/kv/GetSecret.cs b/sdk/dotnet/kv/GetSecret.cs index 99843d003..9ad984dc7 100644 --- a/sdk/dotnet/kv/GetSecret.cs +++ b/sdk/dotnet/kv/GetSecret.cs @@ -176,7 +176,7 @@ public sealed class GetSecretResult /// public readonly string Id; /// - /// The duration of the secret lease, in seconds. Once + /// The duration of the secret lease, in seconds. Once /// this time has passed any plan generated with this data may fail to apply. /// public readonly int LeaseDuration; @@ -185,7 +185,7 @@ public sealed class GetSecretResult /// public readonly string LeaseId; /// - /// True if the duration of this lease can be extended + /// True if the duration of this lease can be extended /// through renewal. /// public readonly bool LeaseRenewable; diff --git a/sdk/dotnet/kv/GetSecretSubkeysV2.cs b/sdk/dotnet/kv/GetSecretSubkeysV2.cs index 36d6c8d53..512b4bff9 100644 --- a/sdk/dotnet/kv/GetSecretSubkeysV2.cs +++ b/sdk/dotnet/kv/GetSecretSubkeysV2.cs @@ -149,7 +149,7 @@ public sealed class GetSecretSubkeysV2Args : global::Pulumi.InvokeArgs public string? Namespace { get; set; } /// - /// Specifies the version to return. If not + /// Specifies the version to return. If not /// set the latest version is returned. /// [Input("version")] @@ -197,7 +197,7 @@ public sealed class GetSecretSubkeysV2InvokeArgs : global::Pulumi.InvokeArgs public Input? Namespace { get; set; } /// - /// Specifies the version to return. If not + /// Specifies the version to return. If not /// set the latest version is returned. /// [Input("version")] diff --git a/sdk/go.mod b/sdk/go.mod index 06f395188..16d17bb01 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/blang/semver v3.5.1+incompatible - github.com/pulumi/pulumi/sdk/v3 v3.129.0 + github.com/pulumi/pulumi/sdk/v3 v3.130.0 ) require ( diff --git a/sdk/go.sum b/sdk/go.sum index 07e28f48e..db4a0a8c8 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -150,8 +150,8 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.9.1 h1:HH5eEv8sgyxSpY5a8yePyqFXzA8cvBvapfH8457+mIs= github.com/pulumi/esc v0.9.1/go.mod h1:oEJ6bOsjYlQUpjf70GiX+CXn3VBmpwFDxUTlmtUN84c= -github.com/pulumi/pulumi/sdk/v3 v3.129.0 h1:uZpTTwWTx7Mk8UT9FgatzxzArim47vZ6hzNCKvgvX6A= -github.com/pulumi/pulumi/sdk/v3 v3.129.0/go.mod h1:p1U24en3zt51agx+WlNboSOV8eLlPWYAkxMzVEXKbnY= +github.com/pulumi/pulumi/sdk/v3 v3.130.0 h1:gGJNd+akPqhZ+vrsZmAjSNJn6kGJkitjjkwrmIQMmn8= +github.com/pulumi/pulumi/sdk/v3 v3.130.0/go.mod h1:p1U24en3zt51agx+WlNboSOV8eLlPWYAkxMzVEXKbnY= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/sdk/go/vault/audit.go b/sdk/go/vault/audit.go index ae3ab7ca1..bcb2d8d42 100644 --- a/sdk/go/vault/audit.go +++ b/sdk/go/vault/audit.go @@ -14,7 +14,7 @@ import ( // ## Example Usage // -// ### File Audit Device) +// ### file audit device) // // ```go // package main @@ -43,7 +43,7 @@ import ( // // ``` // -// ### Socket Audit Device) +// ### socket audit device) // // ```go // package main diff --git a/sdk/go/vault/azure/backend.go b/sdk/go/vault/azure/backend.go index 5ebe34600..d5f80d2db 100644 --- a/sdk/go/vault/azure/backend.go +++ b/sdk/go/vault/azure/backend.go @@ -14,7 +14,7 @@ import ( // ## Example Usage // -// ### *Vault-1.9 And Above* +// ### vault-1.9 and above // // You can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration: // ```go @@ -74,7 +74,7 @@ import ( // // ``` // -// ### *Vault-1.8 And Below* +// ### vault-1.8 and below // // ```go // package main diff --git a/sdk/go/vault/azure/getAccessCredentials.go b/sdk/go/vault/azure/getAccessCredentials.go index 025123281..449bb4ad5 100644 --- a/sdk/go/vault/azure/getAccessCredentials.go +++ b/sdk/go/vault/azure/getAccessCredentials.go @@ -63,8 +63,7 @@ type GetAccessCredentialsArgs struct { Backend string `pulumi:"backend"` // The Azure environment to use during credential validation. // Defaults to the environment configured in the Vault backend. - // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` - // *See the caveats section for more information on this field.* + // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.* Environment *string `pulumi:"environment"` // If 'validate_creds' is true, // the number of seconds after which to give up validating credentials. Defaults @@ -87,12 +86,10 @@ type GetAccessCredentialsArgs struct { // credentials from, with no leading or trailing `/`s. Role string `pulumi:"role"` // The subscription ID to use during credential - // validation. Defaults to the subscription ID configured in the Vault `backend`. - // *See the caveats section for more information on this field.* + // validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.* SubscriptionId *string `pulumi:"subscriptionId"` // The tenant ID to use during credential validation. - // Defaults to the tenant ID configured in the Vault `backend`. - // *See the caveats section for more information on this field.* + // Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.* TenantId *string `pulumi:"tenantId"` // Whether generated credentials should be // validated before being returned. Defaults to `false`, which returns @@ -149,8 +146,7 @@ type GetAccessCredentialsOutputArgs struct { Backend pulumi.StringInput `pulumi:"backend"` // The Azure environment to use during credential validation. // Defaults to the environment configured in the Vault backend. - // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud` - // *See the caveats section for more information on this field.* + // Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.* Environment pulumi.StringPtrInput `pulumi:"environment"` // If 'validate_creds' is true, // the number of seconds after which to give up validating credentials. Defaults @@ -173,12 +169,10 @@ type GetAccessCredentialsOutputArgs struct { // credentials from, with no leading or trailing `/`s. Role pulumi.StringInput `pulumi:"role"` // The subscription ID to use during credential - // validation. Defaults to the subscription ID configured in the Vault `backend`. - // *See the caveats section for more information on this field.* + // validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.* SubscriptionId pulumi.StringPtrInput `pulumi:"subscriptionId"` // The tenant ID to use during credential validation. - // Defaults to the tenant ID configured in the Vault `backend`. - // *See the caveats section for more information on this field.* + // Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.* TenantId pulumi.StringPtrInput `pulumi:"tenantId"` // Whether generated credentials should be // validated before being returned. Defaults to `false`, which returns diff --git a/sdk/go/vault/consul/secretBackend.go b/sdk/go/vault/consul/secretBackend.go index 997308eb1..c9d99bf6c 100644 --- a/sdk/go/vault/consul/secretBackend.go +++ b/sdk/go/vault/consul/secretBackend.go @@ -14,7 +14,7 @@ import ( // ## Example Usage // -// ### Creating a standard backend resource: +// #### Creating a standard backend resource: // ```go // package main // @@ -42,7 +42,7 @@ import ( // // ``` // -// ### Creating a backend resource to bootstrap a new Consul instance: +// #### Creating a backend resource to bootstrap a new Consul instance: // ```go // package main // diff --git a/sdk/go/vault/database/secretsMount.go b/sdk/go/vault/database/secretsMount.go index e7bb88e84..d07d610b9 100644 --- a/sdk/go/vault/database/secretsMount.go +++ b/sdk/go/vault/database/secretsMount.go @@ -112,11 +112,9 @@ type SecretsMount struct { AuditNonHmacRequestKeys pulumi.StringArrayOutput `pulumi:"auditNonHmacRequestKeys"` // Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys pulumi.StringArrayOutput `pulumi:"auditNonHmacResponseKeys"` - // A nested block containing configuration options for Cassandra connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* Cassandras SecretsMountCassandraArrayOutput `pulumi:"cassandras"` - // A nested block containing configuration options for Couchbase connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* Couchbases SecretsMountCouchbaseArrayOutput `pulumi:"couchbases"` // Default lease duration for tokens and secrets in seconds DefaultLeaseTtlSeconds pulumi.IntOutput `pulumi:"defaultLeaseTtlSeconds"` @@ -124,20 +122,17 @@ type SecretsMount struct { DelegatedAuthAccessors pulumi.StringArrayOutput `pulumi:"delegatedAuthAccessors"` // Human-friendly description of the mount Description pulumi.StringPtrOutput `pulumi:"description"` - // A nested block containing configuration options for Elasticsearch connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* Elasticsearches SecretsMountElasticsearchArrayOutput `pulumi:"elasticsearches"` // The total number of database secrets engines configured. EngineCount pulumi.IntOutput `pulumi:"engineCount"` // Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source ExternalEntropyAccess pulumi.BoolPtrOutput `pulumi:"externalEntropyAccess"` - // A nested block containing configuration options for SAP HanaDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* Hanas SecretsMountHanaArrayOutput `pulumi:"hanas"` // The key to use for signing plugin workload identity tokens IdentityTokenKey pulumi.StringPtrOutput `pulumi:"identityTokenKey"` - // A nested block containing configuration options for InfluxDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* Influxdbs SecretsMountInfluxdbArrayOutput `pulumi:"influxdbs"` // Specifies whether to show this mount in the UI-specific listing endpoint ListingVisibility pulumi.StringPtrOutput `pulumi:"listingVisibility"` @@ -145,33 +140,25 @@ type SecretsMount struct { Local pulumi.BoolPtrOutput `pulumi:"local"` // Maximum possible lease duration for tokens and secrets in seconds MaxLeaseTtlSeconds pulumi.IntOutput `pulumi:"maxLeaseTtlSeconds"` - // A nested block containing configuration options for MongoDB Atlas connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* Mongodbatlas SecretsMountMongodbatlaArrayOutput `pulumi:"mongodbatlas"` - // A nested block containing configuration options for MongoDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* Mongodbs SecretsMountMongodbArrayOutput `pulumi:"mongodbs"` - // A nested block containing configuration options for MSSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* Mssqls SecretsMountMssqlArrayOutput `pulumi:"mssqls"` - // A nested block containing configuration options for Aurora MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* MysqlAuroras SecretsMountMysqlAuroraArrayOutput `pulumi:"mysqlAuroras"` - // A nested block containing configuration options for legacy MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* MysqlLegacies SecretsMountMysqlLegacyArrayOutput `pulumi:"mysqlLegacies"` - // A nested block containing configuration options for RDS MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* MysqlRds SecretsMountMysqlRdArrayOutput `pulumi:"mysqlRds"` - // A nested block containing configuration options for MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* Mysqls SecretsMountMysqlArrayOutput `pulumi:"mysqls"` // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Specifies mount type specific options that are passed to the backend Options pulumi.StringMapOutput `pulumi:"options"` - // A nested block containing configuration options for Oracle connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* Oracles SecretsMountOracleArrayOutput `pulumi:"oracles"` // List of headers to allow and pass from the request to the plugin PassthroughRequestHeaders pulumi.StringArrayOutput `pulumi:"passthroughRequestHeaders"` @@ -179,22 +166,17 @@ type SecretsMount struct { Path pulumi.StringOutput `pulumi:"path"` // Specifies the semantic version of the plugin to use, e.g. 'v1.0.0' PluginVersion pulumi.StringPtrOutput `pulumi:"pluginVersion"` - // A nested block containing configuration options for PostgreSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* Postgresqls SecretsMountPostgresqlArrayOutput `pulumi:"postgresqls"` - // A nested block containing configuration options for Redis connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis connections.*See Configuration Options for more info* Redis SecretsMountRediArrayOutput `pulumi:"redis"` - // A nested block containing configuration options for Redis ElastiCache connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* RedisElasticaches SecretsMountRedisElasticachArrayOutput `pulumi:"redisElasticaches"` - // A nested block containing configuration options for AWS Redshift connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* Redshifts SecretsMountRedshiftArrayOutput `pulumi:"redshifts"` // Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability SealWrap pulumi.BoolOutput `pulumi:"sealWrap"` - // A nested block containing configuration options for Snowflake connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* Snowflakes SecretsMountSnowflakeArrayOutput `pulumi:"snowflakes"` } @@ -243,11 +225,9 @@ type secretsMountState struct { AuditNonHmacRequestKeys []string `pulumi:"auditNonHmacRequestKeys"` // Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys []string `pulumi:"auditNonHmacResponseKeys"` - // A nested block containing configuration options for Cassandra connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* Cassandras []SecretsMountCassandra `pulumi:"cassandras"` - // A nested block containing configuration options for Couchbase connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* Couchbases []SecretsMountCouchbase `pulumi:"couchbases"` // Default lease duration for tokens and secrets in seconds DefaultLeaseTtlSeconds *int `pulumi:"defaultLeaseTtlSeconds"` @@ -255,20 +235,17 @@ type secretsMountState struct { DelegatedAuthAccessors []string `pulumi:"delegatedAuthAccessors"` // Human-friendly description of the mount Description *string `pulumi:"description"` - // A nested block containing configuration options for Elasticsearch connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* Elasticsearches []SecretsMountElasticsearch `pulumi:"elasticsearches"` // The total number of database secrets engines configured. EngineCount *int `pulumi:"engineCount"` // Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source ExternalEntropyAccess *bool `pulumi:"externalEntropyAccess"` - // A nested block containing configuration options for SAP HanaDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* Hanas []SecretsMountHana `pulumi:"hanas"` // The key to use for signing plugin workload identity tokens IdentityTokenKey *string `pulumi:"identityTokenKey"` - // A nested block containing configuration options for InfluxDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* Influxdbs []SecretsMountInfluxdb `pulumi:"influxdbs"` // Specifies whether to show this mount in the UI-specific listing endpoint ListingVisibility *string `pulumi:"listingVisibility"` @@ -276,33 +253,25 @@ type secretsMountState struct { Local *bool `pulumi:"local"` // Maximum possible lease duration for tokens and secrets in seconds MaxLeaseTtlSeconds *int `pulumi:"maxLeaseTtlSeconds"` - // A nested block containing configuration options for MongoDB Atlas connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* Mongodbatlas []SecretsMountMongodbatla `pulumi:"mongodbatlas"` - // A nested block containing configuration options for MongoDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* Mongodbs []SecretsMountMongodb `pulumi:"mongodbs"` - // A nested block containing configuration options for MSSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* Mssqls []SecretsMountMssql `pulumi:"mssqls"` - // A nested block containing configuration options for Aurora MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* MysqlAuroras []SecretsMountMysqlAurora `pulumi:"mysqlAuroras"` - // A nested block containing configuration options for legacy MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* MysqlLegacies []SecretsMountMysqlLegacy `pulumi:"mysqlLegacies"` - // A nested block containing configuration options for RDS MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* MysqlRds []SecretsMountMysqlRd `pulumi:"mysqlRds"` - // A nested block containing configuration options for MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* Mysqls []SecretsMountMysql `pulumi:"mysqls"` // Target namespace. (requires Enterprise) Namespace *string `pulumi:"namespace"` // Specifies mount type specific options that are passed to the backend Options map[string]string `pulumi:"options"` - // A nested block containing configuration options for Oracle connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* Oracles []SecretsMountOracle `pulumi:"oracles"` // List of headers to allow and pass from the request to the plugin PassthroughRequestHeaders []string `pulumi:"passthroughRequestHeaders"` @@ -310,22 +279,17 @@ type secretsMountState struct { Path *string `pulumi:"path"` // Specifies the semantic version of the plugin to use, e.g. 'v1.0.0' PluginVersion *string `pulumi:"pluginVersion"` - // A nested block containing configuration options for PostgreSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* Postgresqls []SecretsMountPostgresql `pulumi:"postgresqls"` - // A nested block containing configuration options for Redis connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis connections.*See Configuration Options for more info* Redis []SecretsMountRedi `pulumi:"redis"` - // A nested block containing configuration options for Redis ElastiCache connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* RedisElasticaches []SecretsMountRedisElasticach `pulumi:"redisElasticaches"` - // A nested block containing configuration options for AWS Redshift connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* Redshifts []SecretsMountRedshift `pulumi:"redshifts"` // Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability SealWrap *bool `pulumi:"sealWrap"` - // A nested block containing configuration options for Snowflake connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* Snowflakes []SecretsMountSnowflake `pulumi:"snowflakes"` } @@ -342,11 +306,9 @@ type SecretsMountState struct { AuditNonHmacRequestKeys pulumi.StringArrayInput // Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys pulumi.StringArrayInput - // A nested block containing configuration options for Cassandra connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* Cassandras SecretsMountCassandraArrayInput - // A nested block containing configuration options for Couchbase connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* Couchbases SecretsMountCouchbaseArrayInput // Default lease duration for tokens and secrets in seconds DefaultLeaseTtlSeconds pulumi.IntPtrInput @@ -354,20 +316,17 @@ type SecretsMountState struct { DelegatedAuthAccessors pulumi.StringArrayInput // Human-friendly description of the mount Description pulumi.StringPtrInput - // A nested block containing configuration options for Elasticsearch connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* Elasticsearches SecretsMountElasticsearchArrayInput // The total number of database secrets engines configured. EngineCount pulumi.IntPtrInput // Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source ExternalEntropyAccess pulumi.BoolPtrInput - // A nested block containing configuration options for SAP HanaDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* Hanas SecretsMountHanaArrayInput // The key to use for signing plugin workload identity tokens IdentityTokenKey pulumi.StringPtrInput - // A nested block containing configuration options for InfluxDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* Influxdbs SecretsMountInfluxdbArrayInput // Specifies whether to show this mount in the UI-specific listing endpoint ListingVisibility pulumi.StringPtrInput @@ -375,33 +334,25 @@ type SecretsMountState struct { Local pulumi.BoolPtrInput // Maximum possible lease duration for tokens and secrets in seconds MaxLeaseTtlSeconds pulumi.IntPtrInput - // A nested block containing configuration options for MongoDB Atlas connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* Mongodbatlas SecretsMountMongodbatlaArrayInput - // A nested block containing configuration options for MongoDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* Mongodbs SecretsMountMongodbArrayInput - // A nested block containing configuration options for MSSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* Mssqls SecretsMountMssqlArrayInput - // A nested block containing configuration options for Aurora MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* MysqlAuroras SecretsMountMysqlAuroraArrayInput - // A nested block containing configuration options for legacy MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* MysqlLegacies SecretsMountMysqlLegacyArrayInput - // A nested block containing configuration options for RDS MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* MysqlRds SecretsMountMysqlRdArrayInput - // A nested block containing configuration options for MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* Mysqls SecretsMountMysqlArrayInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Specifies mount type specific options that are passed to the backend Options pulumi.StringMapInput - // A nested block containing configuration options for Oracle connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* Oracles SecretsMountOracleArrayInput // List of headers to allow and pass from the request to the plugin PassthroughRequestHeaders pulumi.StringArrayInput @@ -409,22 +360,17 @@ type SecretsMountState struct { Path pulumi.StringPtrInput // Specifies the semantic version of the plugin to use, e.g. 'v1.0.0' PluginVersion pulumi.StringPtrInput - // A nested block containing configuration options for PostgreSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* Postgresqls SecretsMountPostgresqlArrayInput - // A nested block containing configuration options for Redis connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis connections.*See Configuration Options for more info* Redis SecretsMountRediArrayInput - // A nested block containing configuration options for Redis ElastiCache connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* RedisElasticaches SecretsMountRedisElasticachArrayInput - // A nested block containing configuration options for AWS Redshift connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* Redshifts SecretsMountRedshiftArrayInput // Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability SealWrap pulumi.BoolPtrInput - // A nested block containing configuration options for Snowflake connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* Snowflakes SecretsMountSnowflakeArrayInput } @@ -443,11 +389,9 @@ type secretsMountArgs struct { AuditNonHmacRequestKeys []string `pulumi:"auditNonHmacRequestKeys"` // Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys []string `pulumi:"auditNonHmacResponseKeys"` - // A nested block containing configuration options for Cassandra connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* Cassandras []SecretsMountCassandra `pulumi:"cassandras"` - // A nested block containing configuration options for Couchbase connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* Couchbases []SecretsMountCouchbase `pulumi:"couchbases"` // Default lease duration for tokens and secrets in seconds DefaultLeaseTtlSeconds *int `pulumi:"defaultLeaseTtlSeconds"` @@ -455,18 +399,15 @@ type secretsMountArgs struct { DelegatedAuthAccessors []string `pulumi:"delegatedAuthAccessors"` // Human-friendly description of the mount Description *string `pulumi:"description"` - // A nested block containing configuration options for Elasticsearch connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* Elasticsearches []SecretsMountElasticsearch `pulumi:"elasticsearches"` // Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source ExternalEntropyAccess *bool `pulumi:"externalEntropyAccess"` - // A nested block containing configuration options for SAP HanaDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* Hanas []SecretsMountHana `pulumi:"hanas"` // The key to use for signing plugin workload identity tokens IdentityTokenKey *string `pulumi:"identityTokenKey"` - // A nested block containing configuration options for InfluxDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* Influxdbs []SecretsMountInfluxdb `pulumi:"influxdbs"` // Specifies whether to show this mount in the UI-specific listing endpoint ListingVisibility *string `pulumi:"listingVisibility"` @@ -474,33 +415,25 @@ type secretsMountArgs struct { Local *bool `pulumi:"local"` // Maximum possible lease duration for tokens and secrets in seconds MaxLeaseTtlSeconds *int `pulumi:"maxLeaseTtlSeconds"` - // A nested block containing configuration options for MongoDB Atlas connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* Mongodbatlas []SecretsMountMongodbatla `pulumi:"mongodbatlas"` - // A nested block containing configuration options for MongoDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* Mongodbs []SecretsMountMongodb `pulumi:"mongodbs"` - // A nested block containing configuration options for MSSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* Mssqls []SecretsMountMssql `pulumi:"mssqls"` - // A nested block containing configuration options for Aurora MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* MysqlAuroras []SecretsMountMysqlAurora `pulumi:"mysqlAuroras"` - // A nested block containing configuration options for legacy MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* MysqlLegacies []SecretsMountMysqlLegacy `pulumi:"mysqlLegacies"` - // A nested block containing configuration options for RDS MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* MysqlRds []SecretsMountMysqlRd `pulumi:"mysqlRds"` - // A nested block containing configuration options for MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* Mysqls []SecretsMountMysql `pulumi:"mysqls"` // Target namespace. (requires Enterprise) Namespace *string `pulumi:"namespace"` // Specifies mount type specific options that are passed to the backend Options map[string]string `pulumi:"options"` - // A nested block containing configuration options for Oracle connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* Oracles []SecretsMountOracle `pulumi:"oracles"` // List of headers to allow and pass from the request to the plugin PassthroughRequestHeaders []string `pulumi:"passthroughRequestHeaders"` @@ -508,22 +441,17 @@ type secretsMountArgs struct { Path string `pulumi:"path"` // Specifies the semantic version of the plugin to use, e.g. 'v1.0.0' PluginVersion *string `pulumi:"pluginVersion"` - // A nested block containing configuration options for PostgreSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* Postgresqls []SecretsMountPostgresql `pulumi:"postgresqls"` - // A nested block containing configuration options for Redis connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis connections.*See Configuration Options for more info* Redis []SecretsMountRedi `pulumi:"redis"` - // A nested block containing configuration options for Redis ElastiCache connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* RedisElasticaches []SecretsMountRedisElasticach `pulumi:"redisElasticaches"` - // A nested block containing configuration options for AWS Redshift connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* Redshifts []SecretsMountRedshift `pulumi:"redshifts"` // Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability SealWrap *bool `pulumi:"sealWrap"` - // A nested block containing configuration options for Snowflake connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* Snowflakes []SecretsMountSnowflake `pulumi:"snowflakes"` } @@ -539,11 +467,9 @@ type SecretsMountArgs struct { AuditNonHmacRequestKeys pulumi.StringArrayInput // Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. AuditNonHmacResponseKeys pulumi.StringArrayInput - // A nested block containing configuration options for Cassandra connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* Cassandras SecretsMountCassandraArrayInput - // A nested block containing configuration options for Couchbase connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* Couchbases SecretsMountCouchbaseArrayInput // Default lease duration for tokens and secrets in seconds DefaultLeaseTtlSeconds pulumi.IntPtrInput @@ -551,18 +477,15 @@ type SecretsMountArgs struct { DelegatedAuthAccessors pulumi.StringArrayInput // Human-friendly description of the mount Description pulumi.StringPtrInput - // A nested block containing configuration options for Elasticsearch connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* Elasticsearches SecretsMountElasticsearchArrayInput // Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source ExternalEntropyAccess pulumi.BoolPtrInput - // A nested block containing configuration options for SAP HanaDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* Hanas SecretsMountHanaArrayInput // The key to use for signing plugin workload identity tokens IdentityTokenKey pulumi.StringPtrInput - // A nested block containing configuration options for InfluxDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* Influxdbs SecretsMountInfluxdbArrayInput // Specifies whether to show this mount in the UI-specific listing endpoint ListingVisibility pulumi.StringPtrInput @@ -570,33 +493,25 @@ type SecretsMountArgs struct { Local pulumi.BoolPtrInput // Maximum possible lease duration for tokens and secrets in seconds MaxLeaseTtlSeconds pulumi.IntPtrInput - // A nested block containing configuration options for MongoDB Atlas connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* Mongodbatlas SecretsMountMongodbatlaArrayInput - // A nested block containing configuration options for MongoDB connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* Mongodbs SecretsMountMongodbArrayInput - // A nested block containing configuration options for MSSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* Mssqls SecretsMountMssqlArrayInput - // A nested block containing configuration options for Aurora MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* MysqlAuroras SecretsMountMysqlAuroraArrayInput - // A nested block containing configuration options for legacy MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* MysqlLegacies SecretsMountMysqlLegacyArrayInput - // A nested block containing configuration options for RDS MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* MysqlRds SecretsMountMysqlRdArrayInput - // A nested block containing configuration options for MySQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* Mysqls SecretsMountMysqlArrayInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Specifies mount type specific options that are passed to the backend Options pulumi.StringMapInput - // A nested block containing configuration options for Oracle connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* Oracles SecretsMountOracleArrayInput // List of headers to allow and pass from the request to the plugin PassthroughRequestHeaders pulumi.StringArrayInput @@ -604,22 +519,17 @@ type SecretsMountArgs struct { Path pulumi.StringInput // Specifies the semantic version of the plugin to use, e.g. 'v1.0.0' PluginVersion pulumi.StringPtrInput - // A nested block containing configuration options for PostgreSQL connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* Postgresqls SecretsMountPostgresqlArrayInput - // A nested block containing configuration options for Redis connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis connections.*See Configuration Options for more info* Redis SecretsMountRediArrayInput - // A nested block containing configuration options for Redis ElastiCache connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* RedisElasticaches SecretsMountRedisElasticachArrayInput - // A nested block containing configuration options for AWS Redshift connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* Redshifts SecretsMountRedshiftArrayInput // Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability SealWrap pulumi.BoolPtrInput - // A nested block containing configuration options for Snowflake connections.\ - // *See Configuration Options for more info* + // A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* Snowflakes SecretsMountSnowflakeArrayInput } @@ -737,14 +647,12 @@ func (o SecretsMountOutput) AuditNonHmacResponseKeys() pulumi.StringArrayOutput return o.ApplyT(func(v *SecretsMount) pulumi.StringArrayOutput { return v.AuditNonHmacResponseKeys }).(pulumi.StringArrayOutput) } -// A nested block containing configuration options for Cassandra connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info* func (o SecretsMountOutput) Cassandras() SecretsMountCassandraArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountCassandraArrayOutput { return v.Cassandras }).(SecretsMountCassandraArrayOutput) } -// A nested block containing configuration options for Couchbase connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info* func (o SecretsMountOutput) Couchbases() SecretsMountCouchbaseArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountCouchbaseArrayOutput { return v.Couchbases }).(SecretsMountCouchbaseArrayOutput) } @@ -764,8 +672,7 @@ func (o SecretsMountOutput) Description() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretsMount) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) } -// A nested block containing configuration options for Elasticsearch connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info* func (o SecretsMountOutput) Elasticsearches() SecretsMountElasticsearchArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountElasticsearchArrayOutput { return v.Elasticsearches }).(SecretsMountElasticsearchArrayOutput) } @@ -780,8 +687,7 @@ func (o SecretsMountOutput) ExternalEntropyAccess() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretsMount) pulumi.BoolPtrOutput { return v.ExternalEntropyAccess }).(pulumi.BoolPtrOutput) } -// A nested block containing configuration options for SAP HanaDB connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info* func (o SecretsMountOutput) Hanas() SecretsMountHanaArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountHanaArrayOutput { return v.Hanas }).(SecretsMountHanaArrayOutput) } @@ -791,8 +697,7 @@ func (o SecretsMountOutput) IdentityTokenKey() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretsMount) pulumi.StringPtrOutput { return v.IdentityTokenKey }).(pulumi.StringPtrOutput) } -// A nested block containing configuration options for InfluxDB connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info* func (o SecretsMountOutput) Influxdbs() SecretsMountInfluxdbArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountInfluxdbArrayOutput { return v.Influxdbs }).(SecretsMountInfluxdbArrayOutput) } @@ -812,44 +717,37 @@ func (o SecretsMountOutput) MaxLeaseTtlSeconds() pulumi.IntOutput { return o.ApplyT(func(v *SecretsMount) pulumi.IntOutput { return v.MaxLeaseTtlSeconds }).(pulumi.IntOutput) } -// A nested block containing configuration options for MongoDB Atlas connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info* func (o SecretsMountOutput) Mongodbatlas() SecretsMountMongodbatlaArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountMongodbatlaArrayOutput { return v.Mongodbatlas }).(SecretsMountMongodbatlaArrayOutput) } -// A nested block containing configuration options for MongoDB connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info* func (o SecretsMountOutput) Mongodbs() SecretsMountMongodbArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountMongodbArrayOutput { return v.Mongodbs }).(SecretsMountMongodbArrayOutput) } -// A nested block containing configuration options for MSSQL connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info* func (o SecretsMountOutput) Mssqls() SecretsMountMssqlArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountMssqlArrayOutput { return v.Mssqls }).(SecretsMountMssqlArrayOutput) } -// A nested block containing configuration options for Aurora MySQL connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info* func (o SecretsMountOutput) MysqlAuroras() SecretsMountMysqlAuroraArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountMysqlAuroraArrayOutput { return v.MysqlAuroras }).(SecretsMountMysqlAuroraArrayOutput) } -// A nested block containing configuration options for legacy MySQL connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info* func (o SecretsMountOutput) MysqlLegacies() SecretsMountMysqlLegacyArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountMysqlLegacyArrayOutput { return v.MysqlLegacies }).(SecretsMountMysqlLegacyArrayOutput) } -// A nested block containing configuration options for RDS MySQL connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info* func (o SecretsMountOutput) MysqlRds() SecretsMountMysqlRdArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountMysqlRdArrayOutput { return v.MysqlRds }).(SecretsMountMysqlRdArrayOutput) } -// A nested block containing configuration options for MySQL connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for MySQL connections.*See Configuration Options for more info* func (o SecretsMountOutput) Mysqls() SecretsMountMysqlArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountMysqlArrayOutput { return v.Mysqls }).(SecretsMountMysqlArrayOutput) } @@ -864,8 +762,7 @@ func (o SecretsMountOutput) Options() pulumi.StringMapOutput { return o.ApplyT(func(v *SecretsMount) pulumi.StringMapOutput { return v.Options }).(pulumi.StringMapOutput) } -// A nested block containing configuration options for Oracle connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Oracle connections.*See Configuration Options for more info* func (o SecretsMountOutput) Oracles() SecretsMountOracleArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountOracleArrayOutput { return v.Oracles }).(SecretsMountOracleArrayOutput) } @@ -885,26 +782,22 @@ func (o SecretsMountOutput) PluginVersion() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretsMount) pulumi.StringPtrOutput { return v.PluginVersion }).(pulumi.StringPtrOutput) } -// A nested block containing configuration options for PostgreSQL connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info* func (o SecretsMountOutput) Postgresqls() SecretsMountPostgresqlArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountPostgresqlArrayOutput { return v.Postgresqls }).(SecretsMountPostgresqlArrayOutput) } -// A nested block containing configuration options for Redis connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Redis connections.*See Configuration Options for more info* func (o SecretsMountOutput) Redis() SecretsMountRediArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountRediArrayOutput { return v.Redis }).(SecretsMountRediArrayOutput) } -// A nested block containing configuration options for Redis ElastiCache connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info* func (o SecretsMountOutput) RedisElasticaches() SecretsMountRedisElasticachArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountRedisElasticachArrayOutput { return v.RedisElasticaches }).(SecretsMountRedisElasticachArrayOutput) } -// A nested block containing configuration options for AWS Redshift connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info* func (o SecretsMountOutput) Redshifts() SecretsMountRedshiftArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountRedshiftArrayOutput { return v.Redshifts }).(SecretsMountRedshiftArrayOutput) } @@ -914,8 +807,7 @@ func (o SecretsMountOutput) SealWrap() pulumi.BoolOutput { return o.ApplyT(func(v *SecretsMount) pulumi.BoolOutput { return v.SealWrap }).(pulumi.BoolOutput) } -// A nested block containing configuration options for Snowflake connections.\ -// *See Configuration Options for more info* +// A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info* func (o SecretsMountOutput) Snowflakes() SecretsMountSnowflakeArrayOutput { return o.ApplyT(func(v *SecretsMount) SecretsMountSnowflakeArrayOutput { return v.Snowflakes }).(SecretsMountSnowflakeArrayOutput) } diff --git a/sdk/go/vault/identity/groupMemberGroupIds.go b/sdk/go/vault/identity/groupMemberGroupIds.go index b934572e8..37500f7c6 100644 --- a/sdk/go/vault/identity/groupMemberGroupIds.go +++ b/sdk/go/vault/identity/groupMemberGroupIds.go @@ -12,6 +12,15 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// layout: "vault" +// page_title: "Vault: identity.GroupMemberGroupIds resource" +// sidebar_current: "docs-vault-resource-identity-group-member-group-ids" +// description: |- +// Manages member groups for an Identity Group for Vault. +// +// +// # vault\_identity\_group\_member\_group\_ids +// // Manages member groups for an Identity Group for Vault. The // [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) // is the identity management solution for Vault. diff --git a/sdk/go/vault/raftSnapshotAgentConfig.go b/sdk/go/vault/raftSnapshotAgentConfig.go index 5971d9c25..65f9a2749 100644 --- a/sdk/go/vault/raftSnapshotAgentConfig.go +++ b/sdk/go/vault/raftSnapshotAgentConfig.go @@ -14,7 +14,7 @@ import ( // ## Example Usage // -// ### Local Storage +// #### Local Storage // ```go // package main // @@ -44,7 +44,7 @@ import ( // // ``` // -// ### AWS S3 +// #### AWS S3 // ```go // package main // @@ -87,7 +87,7 @@ import ( // // ``` // -// ### Azure BLOB +// #### Azure BLOB // // ```go // package main diff --git a/sdk/go/vault/saml/authBackend.go b/sdk/go/vault/saml/authBackend.go index 064ab3c97..c14a36ccb 100644 --- a/sdk/go/vault/saml/authBackend.go +++ b/sdk/go/vault/saml/authBackend.go @@ -12,6 +12,15 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// layout: "vault" +// page_title: "Vault: saml.AuthBackend resource" +// sidebar_current: "docs-vault-saml-auth-backend" +// description: |- +// Manages SAML Auth mounts in Vault. +// +// +// # vault\_saml\_auth\_backend +// // Manages a SAML Auth mount in a Vault server. See the [Vault // documentation](https://www.vaultproject.io/docs/auth/saml/) for more // information. diff --git a/sdk/go/vault/saml/authBackendRole.go b/sdk/go/vault/saml/authBackendRole.go index 021cbeb17..c5685d015 100644 --- a/sdk/go/vault/saml/authBackendRole.go +++ b/sdk/go/vault/saml/authBackendRole.go @@ -12,6 +12,15 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// layout: "vault" +// page_title: "Vault: saml.AuthBackendRole resource" +// sidebar_current: "docs-vault-resource-saml-auth-backend-role" +// description: |- +// Manages SAML auth backend roles in Vault. +// +// +// # vault\_saml\_auth\_backend\_role +// // Manages an SAML auth backend role in a Vault server. See the [Vault // documentation](https://www.vaultproject.io/docs/auth/saml.html) for more // information. diff --git a/sdk/go/vault/secrets/syncGhDestination.go b/sdk/go/vault/secrets/syncGhDestination.go index ee7e5f2f5..0b0f0060c 100644 --- a/sdk/go/vault/secrets/syncGhDestination.go +++ b/sdk/go/vault/secrets/syncGhDestination.go @@ -55,8 +55,7 @@ type SyncGhDestination struct { // Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment // variable. AccessToken pulumi.StringPtrOutput `pulumi:"accessToken"` - // The user-defined name of the GitHub App configuration. This is a reference to the name used\ - // on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + // The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. // Takes precedence over the `accessToken` field. AppName pulumi.StringPtrOutput `pulumi:"appName"` // Determines what level of information is synced as a distinct resource @@ -127,8 +126,7 @@ type syncGhDestinationState struct { // Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment // variable. AccessToken *string `pulumi:"accessToken"` - // The user-defined name of the GitHub App configuration. This is a reference to the name used\ - // on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + // The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. // Takes precedence over the `accessToken` field. AppName *string `pulumi:"appName"` // Determines what level of information is synced as a distinct resource @@ -163,8 +161,7 @@ type SyncGhDestinationState struct { // Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment // variable. AccessToken pulumi.StringPtrInput - // The user-defined name of the GitHub App configuration. This is a reference to the name used\ - // on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + // The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. // Takes precedence over the `accessToken` field. AppName pulumi.StringPtrInput // Determines what level of information is synced as a distinct resource @@ -203,8 +200,7 @@ type syncGhDestinationArgs struct { // Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment // variable. AccessToken *string `pulumi:"accessToken"` - // The user-defined name of the GitHub App configuration. This is a reference to the name used\ - // on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + // The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. // Takes precedence over the `accessToken` field. AppName *string `pulumi:"appName"` // Determines what level of information is synced as a distinct resource @@ -238,8 +234,7 @@ type SyncGhDestinationArgs struct { // Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment // variable. AccessToken pulumi.StringPtrInput - // The user-defined name of the GitHub App configuration. This is a reference to the name used\ - // on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. + // The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. // Takes precedence over the `accessToken` field. AppName pulumi.StringPtrInput // Determines what level of information is synced as a distinct resource @@ -361,8 +356,7 @@ func (o SyncGhDestinationOutput) AccessToken() pulumi.StringPtrOutput { return o.ApplyT(func(v *SyncGhDestination) pulumi.StringPtrOutput { return v.AccessToken }).(pulumi.StringPtrOutput) } -// The user-defined name of the GitHub App configuration. This is a reference to the name used\ -// on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. +// The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified. // Takes precedence over the `accessToken` field. func (o SyncGhDestinationOutput) AppName() pulumi.StringPtrOutput { return o.ApplyT(func(v *SyncGhDestination) pulumi.StringPtrOutput { return v.AppName }).(pulumi.StringPtrOutput) diff --git a/sdk/go/vault/ssh/secretBackendRole.go b/sdk/go/vault/ssh/secretBackendRole.go index 60ca9b763..ccde1b81c 100644 --- a/sdk/go/vault/ssh/secretBackendRole.go +++ b/sdk/go/vault/ssh/secretBackendRole.go @@ -93,9 +93,7 @@ type SecretBackendRole struct { AllowedDomainsTemplate pulumi.BoolOutput `pulumi:"allowedDomainsTemplate"` // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrOutput `pulumi:"allowedExtensions"` - // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. - // *See Configuration-Options for more info* + // Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* AllowedUserKeyConfigs SecretBackendRoleAllowedUserKeyConfigArrayOutput `pulumi:"allowedUserKeyConfigs"` // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers pulumi.StringPtrOutput `pulumi:"allowedUsers"` @@ -189,9 +187,7 @@ type secretBackendRoleState struct { AllowedDomainsTemplate *bool `pulumi:"allowedDomainsTemplate"` // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions *string `pulumi:"allowedExtensions"` - // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. - // *See Configuration-Options for more info* + // Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* AllowedUserKeyConfigs []SecretBackendRoleAllowedUserKeyConfig `pulumi:"allowedUserKeyConfigs"` // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers *string `pulumi:"allowedUsers"` @@ -250,9 +246,7 @@ type SecretBackendRoleState struct { AllowedDomainsTemplate pulumi.BoolPtrInput // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrInput - // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. - // *See Configuration-Options for more info* + // Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* AllowedUserKeyConfigs SecretBackendRoleAllowedUserKeyConfigArrayInput // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers pulumi.StringPtrInput @@ -315,9 +309,7 @@ type secretBackendRoleArgs struct { AllowedDomainsTemplate *bool `pulumi:"allowedDomainsTemplate"` // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions *string `pulumi:"allowedExtensions"` - // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. - // *See Configuration-Options for more info* + // Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* AllowedUserKeyConfigs []SecretBackendRoleAllowedUserKeyConfig `pulumi:"allowedUserKeyConfigs"` // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers *string `pulumi:"allowedUsers"` @@ -377,9 +369,7 @@ type SecretBackendRoleArgs struct { AllowedDomainsTemplate pulumi.BoolPtrInput // Specifies a comma-separated list of extensions that certificates can have when signed. AllowedExtensions pulumi.StringPtrInput - // Set of configuration blocks to define allowed\ - // user key configuration, like key type and their lengths. Can be specified multiple times. - // *See Configuration-Options for more info* + // Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* AllowedUserKeyConfigs SecretBackendRoleAllowedUserKeyConfigArrayInput // Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed. AllowedUsers pulumi.StringPtrInput @@ -554,9 +544,7 @@ func (o SecretBackendRoleOutput) AllowedExtensions() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.StringPtrOutput { return v.AllowedExtensions }).(pulumi.StringPtrOutput) } -// Set of configuration blocks to define allowed\ -// user key configuration, like key type and their lengths. Can be specified multiple times. -// *See Configuration-Options for more info* +// Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info* func (o SecretBackendRoleOutput) AllowedUserKeyConfigs() SecretBackendRoleAllowedUserKeyConfigArrayOutput { return o.ApplyT(func(v *SecretBackendRole) SecretBackendRoleAllowedUserKeyConfigArrayOutput { return v.AllowedUserKeyConfigs diff --git a/sdk/go/vault/tokenauth/authBackendRole.go b/sdk/go/vault/tokenauth/authBackendRole.go index 97c645ade..027412672 100644 --- a/sdk/go/vault/tokenauth/authBackendRole.go +++ b/sdk/go/vault/tokenauth/authBackendRole.go @@ -85,8 +85,6 @@ type AuthBackendRole struct { // If true, tokens created against this policy will be orphan tokens. Orphan pulumi.BoolPtrOutput `pulumi:"orphan"` // Tokens created against this role will have the given suffix as part of their path in addition to the role name. - // - // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix pulumi.StringPtrOutput `pulumi:"pathSuffix"` // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable pulumi.BoolPtrOutput `pulumi:"renewable"` @@ -163,8 +161,6 @@ type authBackendRoleState struct { // If true, tokens created against this policy will be orphan tokens. Orphan *bool `pulumi:"orphan"` // Tokens created against this role will have the given suffix as part of their path in addition to the role name. - // - // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix *string `pulumi:"pathSuffix"` // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable *bool `pulumi:"renewable"` @@ -209,8 +205,6 @@ type AuthBackendRoleState struct { // If true, tokens created against this policy will be orphan tokens. Orphan pulumi.BoolPtrInput // Tokens created against this role will have the given suffix as part of their path in addition to the role name. - // - // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix pulumi.StringPtrInput // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable pulumi.BoolPtrInput @@ -259,8 +253,6 @@ type authBackendRoleArgs struct { // If true, tokens created against this policy will be orphan tokens. Orphan *bool `pulumi:"orphan"` // Tokens created against this role will have the given suffix as part of their path in addition to the role name. - // - // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix *string `pulumi:"pathSuffix"` // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable *bool `pulumi:"renewable"` @@ -306,8 +298,6 @@ type AuthBackendRoleArgs struct { // If true, tokens created against this policy will be orphan tokens. Orphan pulumi.BoolPtrInput // Tokens created against this role will have the given suffix as part of their path in addition to the role name. - // - // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix pulumi.StringPtrInput // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable pulumi.BoolPtrInput @@ -459,8 +449,6 @@ func (o AuthBackendRoleOutput) Orphan() pulumi.BoolPtrOutput { } // Tokens created against this role will have the given suffix as part of their path in addition to the role name. -// -// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. func (o AuthBackendRoleOutput) PathSuffix() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.PathSuffix }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/vault/transform/template.go b/sdk/go/vault/transform/template.go index 60c4fce5e..5f7a360b1 100644 --- a/sdk/go/vault/transform/template.go +++ b/sdk/go/vault/transform/template.go @@ -17,7 +17,7 @@ import ( // It creates or updates a template with the given name. If a template with the name does not exist, // it will be created. If the template exists, it will be updated with the new attributes. // -// > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. +// > Requires *Vault Enterprise with the Advanced Data Protection Transform Module*. // See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) // for more information. // diff --git a/sdk/java/src/main/java/com/pulumi/vault/Audit.java b/sdk/java/src/main/java/com/pulumi/vault/Audit.java index a93822453..b79e2d99a 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/Audit.java +++ b/sdk/java/src/main/java/com/pulumi/vault/Audit.java @@ -19,7 +19,7 @@ /** * ## Example Usage * - * ### File Audit Device) + * ### file audit device) * * <!--Start PulumiCodeChooser --> * 
@@ -55,7 +55,7 @@
  *
* <!--End PulumiCodeChooser --> * - * ### Socket Audit Device) + * ### socket audit device) * * <!--Start PulumiCodeChooser --> * 
diff --git a/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java b/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java
index 5acc91af5..7ea256823 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java
@@ -19,7 +19,7 @@
 /**
  * ## Example Usage
  * 
- * ### Local Storage
+ * #### Local Storage
  * <!--Start PulumiCodeChooser -->
  * 
  * {@code
@@ -58,7 +58,7 @@
  * 

  * <!--End PulumiCodeChooser -->
  * 
- * ### AWS S3
+ * #### AWS S3
  * <!--Start PulumiCodeChooser -->
  * 
  * {@code
@@ -108,7 +108,7 @@
  * 

  * <!--End PulumiCodeChooser -->
  * 
- * ### Azure BLOB
+ * #### Azure BLOB
  * 
  * <!--Start PulumiCodeChooser -->
  * 
diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java b/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java
index 62851db4e..424909e35 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java
@@ -20,7 +20,7 @@
 /**
  * ## Example Usage
  * 
- * ### *Vault-1.9 And Above*
+ * ### vault-1.9 and above
  * 
  * You can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration:
  * <!--Start PulumiCodeChooser -->
@@ -98,7 +98,7 @@
  * 

  * <!--End PulumiCodeChooser -->
  * 
- * ### *Vault-1.8 And Below*
+ * ### vault-1.8 and below
  * 
  * <!--Start PulumiCodeChooser -->
  * 
diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java
index 62f264b7f..778f804f7 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsArgs.java
@@ -38,8 +38,7 @@ public Output backend() {
     /**
      * The Azure environment to use during credential validation.
      * Defaults to the environment configured in the Vault backend.
-     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-     * *See the caveats section for more information on this field.*
+     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
      * 
      */
     @Import(name="environment")
@@ -48,8 +47,7 @@ public Output backend() {
     /**
      * @return The Azure environment to use during credential validation.
      * Defaults to the environment configured in the Vault backend.
-     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-     * *See the caveats section for more information on this field.*
+     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
      * 
      */
     public Optional> environment() {
@@ -153,8 +151,7 @@ public Output role() {
 
     /**
      * The subscription ID to use during credential
-     * validation. Defaults to the subscription ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     @Import(name="subscriptionId")
@@ -162,8 +159,7 @@ public Output role() {
 
     /**
      * @return The subscription ID to use during credential
-     * validation. Defaults to the subscription ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     public Optional> subscriptionId() {
@@ -172,8 +168,7 @@ public Optional> subscriptionId() {
 
     /**
      * The tenant ID to use during credential validation.
-     * Defaults to the tenant ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     @Import(name="tenantId")
@@ -181,8 +176,7 @@ public Optional> subscriptionId() {
 
     /**
      * @return The tenant ID to use during credential validation.
-     * Defaults to the tenant ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     public Optional> tenantId() {
@@ -269,8 +263,7 @@ public Builder backend(String backend) {
         /**
          * @param environment The Azure environment to use during credential validation.
          * Defaults to the environment configured in the Vault backend.
-         * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-         * *See the caveats section for more information on this field.*
+         * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
@@ -283,8 +276,7 @@ public Builder environment(@Nullable Output environment) {
         /**
          * @param environment The Azure environment to use during credential validation.
          * Defaults to the environment configured in the Vault backend.
-         * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-         * *See the caveats section for more information on this field.*
+         * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
@@ -420,8 +412,7 @@ public Builder role(String role) {
 
         /**
          * @param subscriptionId The subscription ID to use during credential
-         * validation. Defaults to the subscription ID configured in the Vault `backend`.
-         * *See the caveats section for more information on this field.*
+         * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
@@ -433,8 +424,7 @@ public Builder subscriptionId(@Nullable Output subscriptionId) {
 
         /**
          * @param subscriptionId The subscription ID to use during credential
-         * validation. Defaults to the subscription ID configured in the Vault `backend`.
-         * *See the caveats section for more information on this field.*
+         * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
@@ -445,8 +435,7 @@ public Builder subscriptionId(String subscriptionId) {
 
         /**
          * @param tenantId The tenant ID to use during credential validation.
-         * Defaults to the tenant ID configured in the Vault `backend`.
-         * *See the caveats section for more information on this field.*
+         * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
@@ -458,8 +447,7 @@ public Builder tenantId(@Nullable Output tenantId) {
 
         /**
          * @param tenantId The tenant ID to use during credential validation.
-         * Defaults to the tenant ID configured in the Vault `backend`.
-         * *See the caveats section for more information on this field.*
+         * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java
index b48e4cc25..4d43271a2 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/GetAccessCredentialsPlainArgs.java
@@ -37,8 +37,7 @@ public String backend() {
     /**
      * The Azure environment to use during credential validation.
      * Defaults to the environment configured in the Vault backend.
-     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-     * *See the caveats section for more information on this field.*
+     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
      * 
      */
     @Import(name="environment")
@@ -47,8 +46,7 @@ public String backend() {
     /**
      * @return The Azure environment to use during credential validation.
      * Defaults to the environment configured in the Vault backend.
-     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-     * *See the caveats section for more information on this field.*
+     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
      * 
      */
     public Optional environment() {
@@ -152,8 +150,7 @@ public String role() {
 
     /**
      * The subscription ID to use during credential
-     * validation. Defaults to the subscription ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     @Import(name="subscriptionId")
@@ -161,8 +158,7 @@ public String role() {
 
     /**
      * @return The subscription ID to use during credential
-     * validation. Defaults to the subscription ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     public Optional subscriptionId() {
@@ -171,8 +167,7 @@ public Optional subscriptionId() {
 
     /**
      * The tenant ID to use during credential validation.
-     * Defaults to the tenant ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     @Import(name="tenantId")
@@ -180,8 +175,7 @@ public Optional subscriptionId() {
 
     /**
      * @return The tenant ID to use during credential validation.
-     * Defaults to the tenant ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      * 
      */
     public Optional tenantId() {
@@ -257,8 +251,7 @@ public Builder backend(String backend) {
         /**
          * @param environment The Azure environment to use during credential validation.
          * Defaults to the environment configured in the Vault backend.
-         * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-         * *See the caveats section for more information on this field.*
+         * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
@@ -335,8 +328,7 @@ public Builder role(String role) {
 
         /**
          * @param subscriptionId The subscription ID to use during credential
-         * validation. Defaults to the subscription ID configured in the Vault `backend`.
-         * *See the caveats section for more information on this field.*
+         * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
@@ -348,8 +340,7 @@ public Builder subscriptionId(@Nullable String subscriptionId) {
 
         /**
          * @param tenantId The tenant ID to use during credential validation.
-         * Defaults to the tenant ID configured in the Vault `backend`.
-         * *See the caveats section for more information on this field.*
+         * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java b/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java
index 14f6588c2..f2c7eac53 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java
@@ -20,7 +20,7 @@
 /**
  * ## Example Usage
  * 
- * ### Creating a standard backend resource:
+ * #### Creating a standard backend resource:
  * <!--Start PulumiCodeChooser -->
  * 
  * {@code
@@ -57,7 +57,7 @@
  * 

  * <!--End PulumiCodeChooser -->
  * 
- * ### Creating a backend resource to bootstrap a new Consul instance:
+ * #### Creating a backend resource to bootstrap a new Consul instance:
  * <!--Start PulumiCodeChooser -->
  * 
  * {@code
diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java
index 72459add0..2064aec1e 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java
@@ -196,32 +196,28 @@ public Output> auditNonHmacResponseKeys() {
         return this.auditNonHmacResponseKeys;
     }
     /**
-     * A nested block containing configuration options for Cassandra connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="cassandras", refs={List.class,SecretsMountCassandra.class}, tree="[0,1]")
     private Output> cassandras;
 
     /**
-     * @return A nested block containing configuration options for Cassandra connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      * 
      */
     public Output>> cassandras() {
         return Codegen.optional(this.cassandras);
     }
     /**
-     * A nested block containing configuration options for Couchbase connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="couchbases", refs={List.class,SecretsMountCouchbase.class}, tree="[0,1]")
     private Output> couchbases;
 
     /**
-     * @return A nested block containing configuration options for Couchbase connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      * 
      */
     public Output>> couchbases() {
@@ -270,16 +266,14 @@ public Output> description() {
         return Codegen.optional(this.description);
     }
     /**
-     * A nested block containing configuration options for Elasticsearch connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="elasticsearches", refs={List.class,SecretsMountElasticsearch.class}, tree="[0,1]")
     private Output> elasticsearches;
 
     /**
-     * @return A nested block containing configuration options for Elasticsearch connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      * 
      */
     public Output>> elasticsearches() {
@@ -314,16 +308,14 @@ public Output> externalEntropyAccess() {
         return Codegen.optional(this.externalEntropyAccess);
     }
     /**
-     * A nested block containing configuration options for SAP HanaDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="hanas", refs={List.class,SecretsMountHana.class}, tree="[0,1]")
     private Output> hanas;
 
     /**
-     * @return A nested block containing configuration options for SAP HanaDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      * 
      */
     public Output>> hanas() {
@@ -344,16 +336,14 @@ public Output> identityTokenKey() {
         return Codegen.optional(this.identityTokenKey);
     }
     /**
-     * A nested block containing configuration options for InfluxDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="influxdbs", refs={List.class,SecretsMountInfluxdb.class}, tree="[0,1]")
     private Output> influxdbs;
 
     /**
-     * @return A nested block containing configuration options for InfluxDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      * 
      */
     public Output>> influxdbs() {
@@ -402,112 +392,98 @@ public Output maxLeaseTtlSeconds() {
         return this.maxLeaseTtlSeconds;
     }
     /**
-     * A nested block containing configuration options for MongoDB Atlas connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="mongodbatlas", refs={List.class,SecretsMountMongodbatla.class}, tree="[0,1]")
     private Output> mongodbatlas;
 
     /**
-     * @return A nested block containing configuration options for MongoDB Atlas connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      * 
      */
     public Output>> mongodbatlas() {
         return Codegen.optional(this.mongodbatlas);
     }
     /**
-     * A nested block containing configuration options for MongoDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="mongodbs", refs={List.class,SecretsMountMongodb.class}, tree="[0,1]")
     private Output> mongodbs;
 
     /**
-     * @return A nested block containing configuration options for MongoDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      * 
      */
     public Output>> mongodbs() {
         return Codegen.optional(this.mongodbs);
     }
     /**
-     * A nested block containing configuration options for MSSQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="mssqls", refs={List.class,SecretsMountMssql.class}, tree="[0,1]")
     private Output> mssqls;
 
     /**
-     * @return A nested block containing configuration options for MSSQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      * 
      */
     public Output>> mssqls() {
         return Codegen.optional(this.mssqls);
     }
     /**
-     * A nested block containing configuration options for Aurora MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="mysqlAuroras", refs={List.class,SecretsMountMysqlAurora.class}, tree="[0,1]")
     private Output> mysqlAuroras;
 
     /**
-     * @return A nested block containing configuration options for Aurora MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Output>> mysqlAuroras() {
         return Codegen.optional(this.mysqlAuroras);
     }
     /**
-     * A nested block containing configuration options for legacy MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="mysqlLegacies", refs={List.class,SecretsMountMysqlLegacy.class}, tree="[0,1]")
     private Output> mysqlLegacies;
 
     /**
-     * @return A nested block containing configuration options for legacy MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Output>> mysqlLegacies() {
         return Codegen.optional(this.mysqlLegacies);
     }
     /**
-     * A nested block containing configuration options for RDS MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="mysqlRds", refs={List.class,SecretsMountMysqlRd.class}, tree="[0,1]")
     private Output> mysqlRds;
 
     /**
-     * @return A nested block containing configuration options for RDS MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Output>> mysqlRds() {
         return Codegen.optional(this.mysqlRds);
     }
     /**
-     * A nested block containing configuration options for MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="mysqls", refs={List.class,SecretsMountMysql.class}, tree="[0,1]")
     private Output> mysqls;
 
     /**
-     * @return A nested block containing configuration options for MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Output>> mysqls() {
@@ -542,16 +518,14 @@ public Output>> options() {
         return Codegen.optional(this.options);
     }
     /**
-     * A nested block containing configuration options for Oracle connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="oracles", refs={List.class,SecretsMountOracle.class}, tree="[0,1]")
     private Output> oracles;
 
     /**
-     * @return A nested block containing configuration options for Oracle connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      * 
      */
     public Output>> oracles() {
@@ -600,64 +574,56 @@ public Output> pluginVersion() {
         return Codegen.optional(this.pluginVersion);
     }
     /**
-     * A nested block containing configuration options for PostgreSQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="postgresqls", refs={List.class,SecretsMountPostgresql.class}, tree="[0,1]")
     private Output> postgresqls;
 
     /**
-     * @return A nested block containing configuration options for PostgreSQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      * 
      */
     public Output>> postgresqls() {
         return Codegen.optional(this.postgresqls);
     }
     /**
-     * A nested block containing configuration options for Redis connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="redis", refs={List.class,SecretsMountRedi.class}, tree="[0,1]")
     private Output> redis;
 
     /**
-     * @return A nested block containing configuration options for Redis connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      * 
      */
     public Output>> redis() {
         return Codegen.optional(this.redis);
     }
     /**
-     * A nested block containing configuration options for Redis ElastiCache connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="redisElasticaches", refs={List.class,SecretsMountRedisElasticach.class}, tree="[0,1]")
     private Output> redisElasticaches;
 
     /**
-     * @return A nested block containing configuration options for Redis ElastiCache connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      * 
      */
     public Output>> redisElasticaches() {
         return Codegen.optional(this.redisElasticaches);
     }
     /**
-     * A nested block containing configuration options for AWS Redshift connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="redshifts", refs={List.class,SecretsMountRedshift.class}, tree="[0,1]")
     private Output> redshifts;
 
     /**
-     * @return A nested block containing configuration options for AWS Redshift connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      * 
      */
     public Output>> redshifts() {
@@ -678,16 +644,14 @@ public Output sealWrap() {
         return this.sealWrap;
     }
     /**
-     * A nested block containing configuration options for Snowflake connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      * 
      */
     @Export(name="snowflakes", refs={List.class,SecretsMountSnowflake.class}, tree="[0,1]")
     private Output> snowflakes;
 
     /**
-     * @return A nested block containing configuration options for Snowflake connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      * 
      */
     public Output>> snowflakes() {
diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java
index c5fd8c3a6..97f258a64 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java
@@ -103,16 +103,14 @@ public Optional>> auditNonHmacResponseKeys() {
     }
 
     /**
-     * A nested block containing configuration options for Cassandra connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="cassandras")
     private @Nullable Output> cassandras;
 
     /**
-     * @return A nested block containing configuration options for Cassandra connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> cassandras() {
@@ -120,16 +118,14 @@ public Optional>> cassandras() {
     }
 
     /**
-     * A nested block containing configuration options for Couchbase connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="couchbases")
     private @Nullable Output> couchbases;
 
     /**
-     * @return A nested block containing configuration options for Couchbase connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> couchbases() {
@@ -182,16 +178,14 @@ public Optional> description() {
     }
 
     /**
-     * A nested block containing configuration options for Elasticsearch connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="elasticsearches")
     private @Nullable Output> elasticsearches;
 
     /**
-     * @return A nested block containing configuration options for Elasticsearch connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> elasticsearches() {
@@ -214,16 +208,14 @@ public Optional> externalEntropyAccess() {
     }
 
     /**
-     * A nested block containing configuration options for SAP HanaDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="hanas")
     private @Nullable Output> hanas;
 
     /**
-     * @return A nested block containing configuration options for SAP HanaDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> hanas() {
@@ -246,16 +238,14 @@ public Optional> identityTokenKey() {
     }
 
     /**
-     * A nested block containing configuration options for InfluxDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="influxdbs")
     private @Nullable Output> influxdbs;
 
     /**
-     * @return A nested block containing configuration options for InfluxDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> influxdbs() {
@@ -308,16 +298,14 @@ public Optional> maxLeaseTtlSeconds() {
     }
 
     /**
-     * A nested block containing configuration options for MongoDB Atlas connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mongodbatlas")
     private @Nullable Output> mongodbatlas;
 
     /**
-     * @return A nested block containing configuration options for MongoDB Atlas connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mongodbatlas() {
@@ -325,16 +313,14 @@ public Optional>> mongodbatlas() {
     }
 
     /**
-     * A nested block containing configuration options for MongoDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mongodbs")
     private @Nullable Output> mongodbs;
 
     /**
-     * @return A nested block containing configuration options for MongoDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mongodbs() {
@@ -342,16 +328,14 @@ public Optional>> mongodbs() {
     }
 
     /**
-     * A nested block containing configuration options for MSSQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mssqls")
     private @Nullable Output> mssqls;
 
     /**
-     * @return A nested block containing configuration options for MSSQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mssqls() {
@@ -359,16 +343,14 @@ public Optional>> mssqls() {
     }
 
     /**
-     * A nested block containing configuration options for Aurora MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqlAuroras")
     private @Nullable Output> mysqlAuroras;
 
     /**
-     * @return A nested block containing configuration options for Aurora MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqlAuroras() {
@@ -376,16 +358,14 @@ public Optional>> mysqlAuroras() {
     }
 
     /**
-     * A nested block containing configuration options for legacy MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqlLegacies")
     private @Nullable Output> mysqlLegacies;
 
     /**
-     * @return A nested block containing configuration options for legacy MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqlLegacies() {
@@ -393,16 +373,14 @@ public Optional>> mysqlLegacies() {
     }
 
     /**
-     * A nested block containing configuration options for RDS MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqlRds")
     private @Nullable Output> mysqlRds;
 
     /**
-     * @return A nested block containing configuration options for RDS MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqlRds() {
@@ -410,16 +388,14 @@ public Optional>> mysqlRds() {
     }
 
     /**
-     * A nested block containing configuration options for MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqls")
     private @Nullable Output> mysqls;
 
     /**
-     * @return A nested block containing configuration options for MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqls() {
@@ -457,16 +433,14 @@ public Optional>> options() {
     }
 
     /**
-     * A nested block containing configuration options for Oracle connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="oracles")
     private @Nullable Output> oracles;
 
     /**
-     * @return A nested block containing configuration options for Oracle connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> oracles() {
@@ -519,16 +493,14 @@ public Optional> pluginVersion() {
     }
 
     /**
-     * A nested block containing configuration options for PostgreSQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="postgresqls")
     private @Nullable Output> postgresqls;
 
     /**
-     * @return A nested block containing configuration options for PostgreSQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> postgresqls() {
@@ -536,16 +508,14 @@ public Optional>> postgresqls() {
     }
 
     /**
-     * A nested block containing configuration options for Redis connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="redis")
     private @Nullable Output> redis;
 
     /**
-     * @return A nested block containing configuration options for Redis connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> redis() {
@@ -553,16 +523,14 @@ public Optional>> redis() {
     }
 
     /**
-     * A nested block containing configuration options for Redis ElastiCache connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="redisElasticaches")
     private @Nullable Output> redisElasticaches;
 
     /**
-     * @return A nested block containing configuration options for Redis ElastiCache connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> redisElasticaches() {
@@ -570,16 +538,14 @@ public Optional>> redisElasticaches
     }
 
     /**
-     * A nested block containing configuration options for AWS Redshift connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="redshifts")
     private @Nullable Output> redshifts;
 
     /**
-     * @return A nested block containing configuration options for AWS Redshift connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> redshifts() {
@@ -602,16 +568,14 @@ public Optional> sealWrap() {
     }
 
     /**
-     * A nested block containing configuration options for Snowflake connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="snowflakes")
     private @Nullable Output> snowflakes;
 
     /**
-     * @return A nested block containing configuration options for Snowflake connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> snowflakes() {
@@ -808,8 +772,7 @@ public Builder auditNonHmacResponseKeys(String... auditNonHmacResponseKeys) {
         }
 
         /**
-         * @param cassandras A nested block containing configuration options for Cassandra connections.\
-         * *See Configuration Options for more info*
+         * @param cassandras A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -820,8 +783,7 @@ public Builder cassandras(@Nullable Output> cass
         }
 
         /**
-         * @param cassandras A nested block containing configuration options for Cassandra connections.\
-         * *See Configuration Options for more info*
+         * @param cassandras A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -831,8 +793,7 @@ public Builder cassandras(List cassandras) {
         }
 
         /**
-         * @param cassandras A nested block containing configuration options for Cassandra connections.\
-         * *See Configuration Options for more info*
+         * @param cassandras A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -842,8 +803,7 @@ public Builder cassandras(SecretsMountCassandraArgs... cassandras) {
         }
 
         /**
-         * @param couchbases A nested block containing configuration options for Couchbase connections.\
-         * *See Configuration Options for more info*
+         * @param couchbases A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -854,8 +814,7 @@ public Builder couchbases(@Nullable Output> couc
         }
 
         /**
-         * @param couchbases A nested block containing configuration options for Couchbase connections.\
-         * *See Configuration Options for more info*
+         * @param couchbases A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -865,8 +824,7 @@ public Builder couchbases(List couchbases) {
         }
 
         /**
-         * @param couchbases A nested block containing configuration options for Couchbase connections.\
-         * *See Configuration Options for more info*
+         * @param couchbases A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -949,8 +907,7 @@ public Builder description(String description) {
         }
 
         /**
-         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.\
-         * *See Configuration Options for more info*
+         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -961,8 +918,7 @@ public Builder elasticsearches(@Nullable Output elasticsearch
         }
 
         /**
-         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.\
-         * *See Configuration Options for more info*
+         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1004,8 +959,7 @@ public Builder externalEntropyAccess(Boolean externalEntropyAccess) {
         }
 
         /**
-         * @param hanas A nested block containing configuration options for SAP HanaDB connections.\
-         * *See Configuration Options for more info*
+         * @param hanas A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1016,8 +970,7 @@ public Builder hanas(@Nullable Output> hanas) {
         }
 
         /**
-         * @param hanas A nested block containing configuration options for SAP HanaDB connections.\
-         * *See Configuration Options for more info*
+         * @param hanas A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1027,8 +980,7 @@ public Builder hanas(List hanas) {
         }
 
         /**
-         * @param hanas A nested block containing configuration options for SAP HanaDB connections.\
-         * *See Configuration Options for more info*
+         * @param hanas A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1059,8 +1011,7 @@ public Builder identityTokenKey(String identityTokenKey) {
         }
 
         /**
-         * @param influxdbs A nested block containing configuration options for InfluxDB connections.\
-         * *See Configuration Options for more info*
+         * @param influxdbs A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1071,8 +1022,7 @@ public Builder influxdbs(@Nullable Output> influx
         }
 
         /**
-         * @param influxdbs A nested block containing configuration options for InfluxDB connections.\
-         * *See Configuration Options for more info*
+         * @param influxdbs A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1082,8 +1032,7 @@ public Builder influxdbs(List influxdbs) {
         }
 
         /**
-         * @param influxdbs A nested block containing configuration options for InfluxDB connections.\
-         * *See Configuration Options for more info*
+         * @param influxdbs A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1156,8 +1105,7 @@ public Builder maxLeaseTtlSeconds(Integer maxLeaseTtlSeconds) {
         }
 
         /**
-         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1168,8 +1116,7 @@ public Builder mongodbatlas(@Nullable Output>
         }
 
         /**
-         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1179,8 +1126,7 @@ public Builder mongodbatlas(List mongodbatlas) {
         }
 
         /**
-         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1190,8 +1136,7 @@ public Builder mongodbatlas(SecretsMountMongodbatlaArgs... mongodbatlas) {
         }
 
         /**
-         * @param mongodbs A nested block containing configuration options for MongoDB connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbs A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1202,8 +1147,7 @@ public Builder mongodbs(@Nullable Output> mongodbs
         }
 
         /**
-         * @param mongodbs A nested block containing configuration options for MongoDB connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbs A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1213,8 +1157,7 @@ public Builder mongodbs(List mongodbs) {
         }
 
         /**
-         * @param mongodbs A nested block containing configuration options for MongoDB connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbs A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1224,8 +1167,7 @@ public Builder mongodbs(SecretsMountMongodbArgs... mongodbs) {
         }
 
         /**
-         * @param mssqls A nested block containing configuration options for MSSQL connections.\
-         * *See Configuration Options for more info*
+         * @param mssqls A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1236,8 +1178,7 @@ public Builder mssqls(@Nullable Output> mssqls) {
         }
 
         /**
-         * @param mssqls A nested block containing configuration options for MSSQL connections.\
-         * *See Configuration Options for more info*
+         * @param mssqls A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1247,8 +1188,7 @@ public Builder mssqls(List mssqls) {
         }
 
         /**
-         * @param mssqls A nested block containing configuration options for MSSQL connections.\
-         * *See Configuration Options for more info*
+         * @param mssqls A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1258,8 +1198,7 @@ public Builder mssqls(SecretsMountMssqlArgs... mssqls) {
         }
 
         /**
-         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1270,8 +1209,7 @@ public Builder mysqlAuroras(@Nullable Output>
         }
 
         /**
-         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1281,8 +1219,7 @@ public Builder mysqlAuroras(List mysqlAuroras) {
         }
 
         /**
-         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1292,8 +1229,7 @@ public Builder mysqlAuroras(SecretsMountMysqlAuroraArgs... mysqlAuroras) {
         }
 
         /**
-         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1304,8 +1240,7 @@ public Builder mysqlLegacies(@Nullable Output>
         }
 
         /**
-         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1315,8 +1250,7 @@ public Builder mysqlLegacies(List mysqlLegacies) {
         }
 
         /**
-         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1326,8 +1260,7 @@ public Builder mysqlLegacies(SecretsMountMysqlLegacyArgs... mysqlLegacies) {
         }
 
         /**
-         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1338,8 +1271,7 @@ public Builder mysqlRds(@Nullable Output> mysqlRds
         }
 
         /**
-         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1349,8 +1281,7 @@ public Builder mysqlRds(List mysqlRds) {
         }
 
         /**
-         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1360,8 +1291,7 @@ public Builder mysqlRds(SecretsMountMysqlRdArgs... mysqlRds) {
         }
 
         /**
-         * @param mysqls A nested block containing configuration options for MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqls A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1372,8 +1302,7 @@ public Builder mysqls(@Nullable Output> mysqls) {
         }
 
         /**
-         * @param mysqls A nested block containing configuration options for MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqls A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1383,8 +1312,7 @@ public Builder mysqls(List mysqls) {
         }
 
         /**
-         * @param mysqls A nested block containing configuration options for MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqls A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1436,8 +1364,7 @@ public Builder options(Map options) {
         }
 
         /**
-         * @param oracles A nested block containing configuration options for Oracle connections.\
-         * *See Configuration Options for more info*
+         * @param oracles A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1448,8 +1375,7 @@ public Builder oracles(@Nullable Output> oracles) {
         }
 
         /**
-         * @param oracles A nested block containing configuration options for Oracle connections.\
-         * *See Configuration Options for more info*
+         * @param oracles A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1459,8 +1385,7 @@ public Builder oracles(List oracles) {
         }
 
         /**
-         * @param oracles A nested block containing configuration options for Oracle connections.\
-         * *See Configuration Options for more info*
+         * @param oracles A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1543,8 +1468,7 @@ public Builder pluginVersion(String pluginVersion) {
         }
 
         /**
-         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.\
-         * *See Configuration Options for more info*
+         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1555,8 +1479,7 @@ public Builder postgresqls(@Nullable Output> po
         }
 
         /**
-         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.\
-         * *See Configuration Options for more info*
+         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1566,8 +1489,7 @@ public Builder postgresqls(List postgresqls) {
         }
 
         /**
-         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.\
-         * *See Configuration Options for more info*
+         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1577,8 +1499,7 @@ public Builder postgresqls(SecretsMountPostgresqlArgs... postgresqls) {
         }
 
         /**
-         * @param redis A nested block containing configuration options for Redis connections.\
-         * *See Configuration Options for more info*
+         * @param redis A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1589,8 +1510,7 @@ public Builder redis(@Nullable Output> redis) {
         }
 
         /**
-         * @param redis A nested block containing configuration options for Redis connections.\
-         * *See Configuration Options for more info*
+         * @param redis A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1600,8 +1520,7 @@ public Builder redis(List redis) {
         }
 
         /**
-         * @param redis A nested block containing configuration options for Redis connections.\
-         * *See Configuration Options for more info*
+         * @param redis A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1611,8 +1530,7 @@ public Builder redis(SecretsMountRediArgs... redis) {
         }
 
         /**
-         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.\
-         * *See Configuration Options for more info*
+         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1623,8 +1541,7 @@ public Builder redisElasticaches(@Nullable Output redisElas
         }
 
         /**
-         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.\
-         * *See Configuration Options for more info*
+         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1645,8 +1561,7 @@ public Builder redisElasticaches(SecretsMountRedisElasticachArgs... redisElastic
         }
 
         /**
-         * @param redshifts A nested block containing configuration options for AWS Redshift connections.\
-         * *See Configuration Options for more info*
+         * @param redshifts A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1657,8 +1572,7 @@ public Builder redshifts(@Nullable Output> redshi
         }
 
         /**
-         * @param redshifts A nested block containing configuration options for AWS Redshift connections.\
-         * *See Configuration Options for more info*
+         * @param redshifts A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1668,8 +1582,7 @@ public Builder redshifts(List redshifts) {
         }
 
         /**
-         * @param redshifts A nested block containing configuration options for AWS Redshift connections.\
-         * *See Configuration Options for more info*
+         * @param redshifts A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1700,8 +1613,7 @@ public Builder sealWrap(Boolean sealWrap) {
         }
 
         /**
-         * @param snowflakes A nested block containing configuration options for Snowflake connections.\
-         * *See Configuration Options for more info*
+         * @param snowflakes A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1712,8 +1624,7 @@ public Builder snowflakes(@Nullable Output> snow
         }
 
         /**
-         * @param snowflakes A nested block containing configuration options for Snowflake connections.\
-         * *See Configuration Options for more info*
+         * @param snowflakes A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1723,8 +1634,7 @@ public Builder snowflakes(List snowflakes) {
         }
 
         /**
-         * @param snowflakes A nested block containing configuration options for Snowflake connections.\
-         * *See Configuration Options for more info*
+         * @param snowflakes A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java
index 5ab54cdfc..7fef65ef3 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java
@@ -117,16 +117,14 @@ public Optional>> auditNonHmacResponseKeys() {
     }
 
     /**
-     * A nested block containing configuration options for Cassandra connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="cassandras")
     private @Nullable Output> cassandras;
 
     /**
-     * @return A nested block containing configuration options for Cassandra connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> cassandras() {
@@ -134,16 +132,14 @@ public Optional>> cassandras() {
     }
 
     /**
-     * A nested block containing configuration options for Couchbase connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="couchbases")
     private @Nullable Output> couchbases;
 
     /**
-     * @return A nested block containing configuration options for Couchbase connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> couchbases() {
@@ -196,16 +192,14 @@ public Optional> description() {
     }
 
     /**
-     * A nested block containing configuration options for Elasticsearch connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="elasticsearches")
     private @Nullable Output> elasticsearches;
 
     /**
-     * @return A nested block containing configuration options for Elasticsearch connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> elasticsearches() {
@@ -243,16 +237,14 @@ public Optional> externalEntropyAccess() {
     }
 
     /**
-     * A nested block containing configuration options for SAP HanaDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="hanas")
     private @Nullable Output> hanas;
 
     /**
-     * @return A nested block containing configuration options for SAP HanaDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> hanas() {
@@ -275,16 +267,14 @@ public Optional> identityTokenKey() {
     }
 
     /**
-     * A nested block containing configuration options for InfluxDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="influxdbs")
     private @Nullable Output> influxdbs;
 
     /**
-     * @return A nested block containing configuration options for InfluxDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> influxdbs() {
@@ -337,16 +327,14 @@ public Optional> maxLeaseTtlSeconds() {
     }
 
     /**
-     * A nested block containing configuration options for MongoDB Atlas connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mongodbatlas")
     private @Nullable Output> mongodbatlas;
 
     /**
-     * @return A nested block containing configuration options for MongoDB Atlas connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mongodbatlas() {
@@ -354,16 +342,14 @@ public Optional>> mongodbatlas() {
     }
 
     /**
-     * A nested block containing configuration options for MongoDB connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mongodbs")
     private @Nullable Output> mongodbs;
 
     /**
-     * @return A nested block containing configuration options for MongoDB connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mongodbs() {
@@ -371,16 +357,14 @@ public Optional>> mongodbs() {
     }
 
     /**
-     * A nested block containing configuration options for MSSQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mssqls")
     private @Nullable Output> mssqls;
 
     /**
-     * @return A nested block containing configuration options for MSSQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mssqls() {
@@ -388,16 +372,14 @@ public Optional>> mssqls() {
     }
 
     /**
-     * A nested block containing configuration options for Aurora MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqlAuroras")
     private @Nullable Output> mysqlAuroras;
 
     /**
-     * @return A nested block containing configuration options for Aurora MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqlAuroras() {
@@ -405,16 +387,14 @@ public Optional>> mysqlAuroras() {
     }
 
     /**
-     * A nested block containing configuration options for legacy MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqlLegacies")
     private @Nullable Output> mysqlLegacies;
 
     /**
-     * @return A nested block containing configuration options for legacy MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqlLegacies() {
@@ -422,16 +402,14 @@ public Optional>> mysqlLegacies() {
     }
 
     /**
-     * A nested block containing configuration options for RDS MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqlRds")
     private @Nullable Output> mysqlRds;
 
     /**
-     * @return A nested block containing configuration options for RDS MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqlRds() {
@@ -439,16 +417,14 @@ public Optional>> mysqlRds() {
     }
 
     /**
-     * A nested block containing configuration options for MySQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="mysqls")
     private @Nullable Output> mysqls;
 
     /**
-     * @return A nested block containing configuration options for MySQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> mysqls() {
@@ -486,16 +462,14 @@ public Optional>> options() {
     }
 
     /**
-     * A nested block containing configuration options for Oracle connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="oracles")
     private @Nullable Output> oracles;
 
     /**
-     * @return A nested block containing configuration options for Oracle connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> oracles() {
@@ -548,16 +522,14 @@ public Optional> pluginVersion() {
     }
 
     /**
-     * A nested block containing configuration options for PostgreSQL connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="postgresqls")
     private @Nullable Output> postgresqls;
 
     /**
-     * @return A nested block containing configuration options for PostgreSQL connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> postgresqls() {
@@ -565,16 +537,14 @@ public Optional>> postgresqls() {
     }
 
     /**
-     * A nested block containing configuration options for Redis connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="redis")
     private @Nullable Output> redis;
 
     /**
-     * @return A nested block containing configuration options for Redis connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> redis() {
@@ -582,16 +552,14 @@ public Optional>> redis() {
     }
 
     /**
-     * A nested block containing configuration options for Redis ElastiCache connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="redisElasticaches")
     private @Nullable Output> redisElasticaches;
 
     /**
-     * @return A nested block containing configuration options for Redis ElastiCache connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> redisElasticaches() {
@@ -599,16 +567,14 @@ public Optional>> redisElasticaches
     }
 
     /**
-     * A nested block containing configuration options for AWS Redshift connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="redshifts")
     private @Nullable Output> redshifts;
 
     /**
-     * @return A nested block containing configuration options for AWS Redshift connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> redshifts() {
@@ -631,16 +597,14 @@ public Optional> sealWrap() {
     }
 
     /**
-     * A nested block containing configuration options for Snowflake connections.\
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      * 
      */
     @Import(name="snowflakes")
     private @Nullable Output> snowflakes;
 
     /**
-     * @return A nested block containing configuration options for Snowflake connections.\
-     * *See Configuration Options for more info*
+     * @return A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      * 
      */
     public Optional>> snowflakes() {
@@ -860,8 +824,7 @@ public Builder auditNonHmacResponseKeys(String... auditNonHmacResponseKeys) {
         }
 
         /**
-         * @param cassandras A nested block containing configuration options for Cassandra connections.\
-         * *See Configuration Options for more info*
+         * @param cassandras A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -872,8 +835,7 @@ public Builder cassandras(@Nullable Output> cass
         }
 
         /**
-         * @param cassandras A nested block containing configuration options for Cassandra connections.\
-         * *See Configuration Options for more info*
+         * @param cassandras A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -883,8 +845,7 @@ public Builder cassandras(List cassandras) {
         }
 
         /**
-         * @param cassandras A nested block containing configuration options for Cassandra connections.\
-         * *See Configuration Options for more info*
+         * @param cassandras A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -894,8 +855,7 @@ public Builder cassandras(SecretsMountCassandraArgs... cassandras) {
         }
 
         /**
-         * @param couchbases A nested block containing configuration options for Couchbase connections.\
-         * *See Configuration Options for more info*
+         * @param couchbases A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -906,8 +866,7 @@ public Builder couchbases(@Nullable Output> couc
         }
 
         /**
-         * @param couchbases A nested block containing configuration options for Couchbase connections.\
-         * *See Configuration Options for more info*
+         * @param couchbases A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -917,8 +876,7 @@ public Builder couchbases(List couchbases) {
         }
 
         /**
-         * @param couchbases A nested block containing configuration options for Couchbase connections.\
-         * *See Configuration Options for more info*
+         * @param couchbases A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1001,8 +959,7 @@ public Builder description(String description) {
         }
 
         /**
-         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.\
-         * *See Configuration Options for more info*
+         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1013,8 +970,7 @@ public Builder elasticsearches(@Nullable Output elasticsearch
         }
 
         /**
-         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.\
-         * *See Configuration Options for more info*
+         * @param elasticsearches A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1077,8 +1032,7 @@ public Builder externalEntropyAccess(Boolean externalEntropyAccess) {
         }
 
         /**
-         * @param hanas A nested block containing configuration options for SAP HanaDB connections.\
-         * *See Configuration Options for more info*
+         * @param hanas A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1089,8 +1043,7 @@ public Builder hanas(@Nullable Output> hanas) {
         }
 
         /**
-         * @param hanas A nested block containing configuration options for SAP HanaDB connections.\
-         * *See Configuration Options for more info*
+         * @param hanas A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1100,8 +1053,7 @@ public Builder hanas(List hanas) {
         }
 
         /**
-         * @param hanas A nested block containing configuration options for SAP HanaDB connections.\
-         * *See Configuration Options for more info*
+         * @param hanas A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1132,8 +1084,7 @@ public Builder identityTokenKey(String identityTokenKey) {
         }
 
         /**
-         * @param influxdbs A nested block containing configuration options for InfluxDB connections.\
-         * *See Configuration Options for more info*
+         * @param influxdbs A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1144,8 +1095,7 @@ public Builder influxdbs(@Nullable Output> influx
         }
 
         /**
-         * @param influxdbs A nested block containing configuration options for InfluxDB connections.\
-         * *See Configuration Options for more info*
+         * @param influxdbs A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1155,8 +1105,7 @@ public Builder influxdbs(List influxdbs) {
         }
 
         /**
-         * @param influxdbs A nested block containing configuration options for InfluxDB connections.\
-         * *See Configuration Options for more info*
+         * @param influxdbs A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1229,8 +1178,7 @@ public Builder maxLeaseTtlSeconds(Integer maxLeaseTtlSeconds) {
         }
 
         /**
-         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1241,8 +1189,7 @@ public Builder mongodbatlas(@Nullable Output>
         }
 
         /**
-         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1252,8 +1199,7 @@ public Builder mongodbatlas(List mongodbatlas) {
         }
 
         /**
-         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbatlas A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1263,8 +1209,7 @@ public Builder mongodbatlas(SecretsMountMongodbatlaArgs... mongodbatlas) {
         }
 
         /**
-         * @param mongodbs A nested block containing configuration options for MongoDB connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbs A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1275,8 +1220,7 @@ public Builder mongodbs(@Nullable Output> mongodbs
         }
 
         /**
-         * @param mongodbs A nested block containing configuration options for MongoDB connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbs A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1286,8 +1230,7 @@ public Builder mongodbs(List mongodbs) {
         }
 
         /**
-         * @param mongodbs A nested block containing configuration options for MongoDB connections.\
-         * *See Configuration Options for more info*
+         * @param mongodbs A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1297,8 +1240,7 @@ public Builder mongodbs(SecretsMountMongodbArgs... mongodbs) {
         }
 
         /**
-         * @param mssqls A nested block containing configuration options for MSSQL connections.\
-         * *See Configuration Options for more info*
+         * @param mssqls A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1309,8 +1251,7 @@ public Builder mssqls(@Nullable Output> mssqls) {
         }
 
         /**
-         * @param mssqls A nested block containing configuration options for MSSQL connections.\
-         * *See Configuration Options for more info*
+         * @param mssqls A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1320,8 +1261,7 @@ public Builder mssqls(List mssqls) {
         }
 
         /**
-         * @param mssqls A nested block containing configuration options for MSSQL connections.\
-         * *See Configuration Options for more info*
+         * @param mssqls A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1331,8 +1271,7 @@ public Builder mssqls(SecretsMountMssqlArgs... mssqls) {
         }
 
         /**
-         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1343,8 +1282,7 @@ public Builder mysqlAuroras(@Nullable Output>
         }
 
         /**
-         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1354,8 +1292,7 @@ public Builder mysqlAuroras(List mysqlAuroras) {
         }
 
         /**
-         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlAuroras A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1365,8 +1302,7 @@ public Builder mysqlAuroras(SecretsMountMysqlAuroraArgs... mysqlAuroras) {
         }
 
         /**
-         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1377,8 +1313,7 @@ public Builder mysqlLegacies(@Nullable Output>
         }
 
         /**
-         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1388,8 +1323,7 @@ public Builder mysqlLegacies(List mysqlLegacies) {
         }
 
         /**
-         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlLegacies A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1399,8 +1333,7 @@ public Builder mysqlLegacies(SecretsMountMysqlLegacyArgs... mysqlLegacies) {
         }
 
         /**
-         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1411,8 +1344,7 @@ public Builder mysqlRds(@Nullable Output> mysqlRds
         }
 
         /**
-         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1422,8 +1354,7 @@ public Builder mysqlRds(List mysqlRds) {
         }
 
         /**
-         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqlRds A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1433,8 +1364,7 @@ public Builder mysqlRds(SecretsMountMysqlRdArgs... mysqlRds) {
         }
 
         /**
-         * @param mysqls A nested block containing configuration options for MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqls A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1445,8 +1375,7 @@ public Builder mysqls(@Nullable Output> mysqls) {
         }
 
         /**
-         * @param mysqls A nested block containing configuration options for MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqls A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1456,8 +1385,7 @@ public Builder mysqls(List mysqls) {
         }
 
         /**
-         * @param mysqls A nested block containing configuration options for MySQL connections.\
-         * *See Configuration Options for more info*
+         * @param mysqls A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1509,8 +1437,7 @@ public Builder options(Map options) {
         }
 
         /**
-         * @param oracles A nested block containing configuration options for Oracle connections.\
-         * *See Configuration Options for more info*
+         * @param oracles A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1521,8 +1448,7 @@ public Builder oracles(@Nullable Output> oracles) {
         }
 
         /**
-         * @param oracles A nested block containing configuration options for Oracle connections.\
-         * *See Configuration Options for more info*
+         * @param oracles A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1532,8 +1458,7 @@ public Builder oracles(List oracles) {
         }
 
         /**
-         * @param oracles A nested block containing configuration options for Oracle connections.\
-         * *See Configuration Options for more info*
+         * @param oracles A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1616,8 +1541,7 @@ public Builder pluginVersion(String pluginVersion) {
         }
 
         /**
-         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.\
-         * *See Configuration Options for more info*
+         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1628,8 +1552,7 @@ public Builder postgresqls(@Nullable Output> po
         }
 
         /**
-         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.\
-         * *See Configuration Options for more info*
+         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1639,8 +1562,7 @@ public Builder postgresqls(List postgresqls) {
         }
 
         /**
-         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.\
-         * *See Configuration Options for more info*
+         * @param postgresqls A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1650,8 +1572,7 @@ public Builder postgresqls(SecretsMountPostgresqlArgs... postgresqls) {
         }
 
         /**
-         * @param redis A nested block containing configuration options for Redis connections.\
-         * *See Configuration Options for more info*
+         * @param redis A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1662,8 +1583,7 @@ public Builder redis(@Nullable Output> redis) {
         }
 
         /**
-         * @param redis A nested block containing configuration options for Redis connections.\
-         * *See Configuration Options for more info*
+         * @param redis A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1673,8 +1593,7 @@ public Builder redis(List redis) {
         }
 
         /**
-         * @param redis A nested block containing configuration options for Redis connections.\
-         * *See Configuration Options for more info*
+         * @param redis A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1684,8 +1603,7 @@ public Builder redis(SecretsMountRediArgs... redis) {
         }
 
         /**
-         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.\
-         * *See Configuration Options for more info*
+         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1696,8 +1614,7 @@ public Builder redisElasticaches(@Nullable Output redisElas
         }
 
         /**
-         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.\
-         * *See Configuration Options for more info*
+         * @param redisElasticaches A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1718,8 +1634,7 @@ public Builder redisElasticaches(SecretsMountRedisElasticachArgs... redisElastic
         }
 
         /**
-         * @param redshifts A nested block containing configuration options for AWS Redshift connections.\
-         * *See Configuration Options for more info*
+         * @param redshifts A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1730,8 +1645,7 @@ public Builder redshifts(@Nullable Output> redshi
         }
 
         /**
-         * @param redshifts A nested block containing configuration options for AWS Redshift connections.\
-         * *See Configuration Options for more info*
+         * @param redshifts A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1741,8 +1655,7 @@ public Builder redshifts(List redshifts) {
         }
 
         /**
-         * @param redshifts A nested block containing configuration options for AWS Redshift connections.\
-         * *See Configuration Options for more info*
+         * @param redshifts A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1773,8 +1686,7 @@ public Builder sealWrap(Boolean sealWrap) {
         }
 
         /**
-         * @param snowflakes A nested block containing configuration options for Snowflake connections.\
-         * *See Configuration Options for more info*
+         * @param snowflakes A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1785,8 +1697,7 @@ public Builder snowflakes(@Nullable Output> snow
         }
 
         /**
-         * @param snowflakes A nested block containing configuration options for Snowflake connections.\
-         * *See Configuration Options for more info*
+         * @param snowflakes A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
@@ -1796,8 +1707,7 @@ public Builder snowflakes(List snowflakes) {
         }
 
         /**
-         * @param snowflakes A nested block containing configuration options for Snowflake connections.\
-         * *See Configuration Options for more info*
+         * @param snowflakes A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java
index 7bf422692..b6827e51b 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java
@@ -17,6 +17,15 @@
 import javax.annotation.Nullable;
 
 /**
+ * layout: "vault"
+ * page_title: "Vault: vault.identity.GroupMemberGroupIds resource"
+ * sidebar_current: "docs-vault-resource-identity-group-member-group-ids"
+ * description: |-
+ * Manages member groups for an Identity Group for Vault.
+ * <!-- yaml: line 6: could not find expected ':' -->
+ * 
+ * # vault\_identity\_group\_member\_group\_ids
+ * 
  * Manages member groups for an Identity Group for Vault. The
  * [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)
  * is the identity management solution for Vault.
diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackend.java b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackend.java
index d8286672a..d1785e4b8 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackend.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackend.java
@@ -17,6 +17,15 @@
 import javax.annotation.Nullable;
 
 /**
+ * layout: "vault"
+ * page_title: "Vault: vault.saml.AuthBackend resource"
+ * sidebar_current: "docs-vault-saml-auth-backend"
+ * description: |-
+ * Manages SAML Auth mounts in Vault.
+ * <!-- yaml: line 6: could not find expected ':' -->
+ * 
+ * # vault\_saml\_auth\_backend
+ * 
  * Manages a SAML Auth mount in a Vault server. See the [Vault
  * documentation](https://www.vaultproject.io/docs/auth/saml/) for more
  * information.
diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRole.java
index 18196ffe6..dc2adbbad 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRole.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRole.java
@@ -19,6 +19,15 @@
 import javax.annotation.Nullable;
 
 /**
+ * layout: "vault"
+ * page_title: "Vault: vault.saml.AuthBackendRole resource"
+ * sidebar_current: "docs-vault-resource-saml-auth-backend-role"
+ * description: |-
+ * Manages SAML auth backend roles in Vault.
+ * <!-- yaml: line 6: could not find expected ':' -->
+ * 
+ * # vault\_saml\_auth\_backend\_role
+ * 
  * Manages an SAML auth backend role in a Vault server. See the [Vault
  * documentation](https://www.vaultproject.io/docs/auth/saml.html) for more
  * information.
diff --git a/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestination.java b/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestination.java
index e90d90dc3..e68e513bd 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestination.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestination.java
@@ -86,8 +86,7 @@ public Output> accessToken() {
         return Codegen.optional(this.accessToken);
     }
     /**
-     * The user-defined name of the GitHub App configuration. This is a reference to the name used\
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `access_token` field.
      * 
      */
@@ -95,8 +94,7 @@ public Output> accessToken() {
     private Output appName;
 
     /**
-     * @return The user-defined name of the GitHub App configuration. This is a reference to the name used\
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * @return The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `access_token` field.
      * 
      */
diff --git a/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestinationArgs.java b/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestinationArgs.java
index 1834c5406..adca1159f 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestinationArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/secrets/SyncGhDestinationArgs.java
@@ -36,8 +36,7 @@ public Optional> accessToken() {
     }
 
     /**
-     * The user-defined name of the GitHub App configuration. This is a reference to the name used\
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `access_token` field.
      * 
      */
@@ -45,8 +44,7 @@ public Optional> accessToken() {
     private @Nullable Output appName;
 
     /**
-     * @return The user-defined name of the GitHub App configuration. This is a reference to the name used\
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * @return The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `access_token` field.
      * 
      */
@@ -235,8 +233,7 @@ public Builder accessToken(String accessToken) {
         }
 
         /**
-         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name used\
-         * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
          * Takes precedence over the `access_token` field.
          * 
          * @return builder
@@ -248,8 +245,7 @@ public Builder appName(@Nullable Output appName) {
         }
 
         /**
-         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name used\
-         * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
          * Takes precedence over the `access_token` field.
          * 
          * @return builder
diff --git a/sdk/java/src/main/java/com/pulumi/vault/secrets/inputs/SyncGhDestinationState.java b/sdk/java/src/main/java/com/pulumi/vault/secrets/inputs/SyncGhDestinationState.java
index 5ce18ec7b..a3ca0dde9 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/secrets/inputs/SyncGhDestinationState.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/secrets/inputs/SyncGhDestinationState.java
@@ -36,8 +36,7 @@ public Optional> accessToken() {
     }
 
     /**
-     * The user-defined name of the GitHub App configuration. This is a reference to the name used\
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `access_token` field.
      * 
      */
@@ -45,8 +44,7 @@ public Optional> accessToken() {
     private @Nullable Output appName;
 
     /**
-     * @return The user-defined name of the GitHub App configuration. This is a reference to the name used\
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * @return The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `access_token` field.
      * 
      */
@@ -251,8 +249,7 @@ public Builder accessToken(String accessToken) {
         }
 
         /**
-         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name used\
-         * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
          * Takes precedence over the `access_token` field.
          * 
          * @return builder
@@ -264,8 +261,7 @@ public Builder appName(@Nullable Output appName) {
         }
 
         /**
-         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name used\
-         * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+         * @param appName The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
          * Takes precedence over the `access_token` field.
          * 
          * @return builder
diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java
index c976de293..41ed70e9f 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRole.java
@@ -229,18 +229,14 @@ public Output> allowedExtensions() {
         return Codegen.optional(this.allowedExtensions);
     }
     /**
-     * Set of configuration blocks to define allowed\
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      * 
      */
     @Export(name="allowedUserKeyConfigs", refs={List.class,SecretBackendRoleAllowedUserKeyConfig.class}, tree="[0,1]")
     private Output> allowedUserKeyConfigs;
 
     /**
-     * @return Set of configuration blocks to define allowed\
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * @return Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      * 
      */
     public Output>> allowedUserKeyConfigs() {
diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java
index 4579c427c..5b35f6e76 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendRoleArgs.java
@@ -173,18 +173,14 @@ public Optional> allowedExtensions() {
     }
 
     /**
-     * Set of configuration blocks to define allowed\
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      * 
      */
     @Import(name="allowedUserKeyConfigs")
     private @Nullable Output> allowedUserKeyConfigs;
 
     /**
-     * @return Set of configuration blocks to define allowed\
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * @return Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      * 
      */
     public Optional>> allowedUserKeyConfigs() {
@@ -684,9 +680,7 @@ public Builder allowedExtensions(String allowedExtensions) {
         }
 
         /**
-         * @param allowedUserKeyConfigs Set of configuration blocks to define allowed\
-         * user key configuration, like key type and their lengths. Can be specified multiple times.
-         * *See Configuration-Options for more info*
+         * @param allowedUserKeyConfigs Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
          * 
          * @return builder
          * 
@@ -697,9 +691,7 @@ public Builder allowedUserKeyConfigs(@Nullable Output> allowedExtensions() {
     }
 
     /**
-     * Set of configuration blocks to define allowed\
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      * 
      */
     @Import(name="allowedUserKeyConfigs")
     private @Nullable Output> allowedUserKeyConfigs;
 
     /**
-     * @return Set of configuration blocks to define allowed\
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * @return Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      * 
      */
     public Optional>> allowedUserKeyConfigs() {
@@ -683,9 +679,7 @@ public Builder allowedExtensions(String allowedExtensions) {
         }
 
         /**
-         * @param allowedUserKeyConfigs Set of configuration blocks to define allowed\
-         * user key configuration, like key type and their lengths. Can be specified multiple times.
-         * *See Configuration-Options for more info*
+         * @param allowedUserKeyConfigs Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
          * 
          * @return builder
          * 
@@ -696,9 +690,7 @@ public Builder allowedUserKeyConfigs(@Nullable Output> orphan() {
     /**
      * Tokens created against this role will have the given suffix as part of their path in addition to the role name.
      * 
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-     * 
      */
     @Export(name="pathSuffix", refs={String.class}, tree="[0]")
     private Output pathSuffix;
@@ -194,8 +192,6 @@ public Output> orphan() {
     /**
      * @return Tokens created against this role will have the given suffix as part of their path in addition to the role name.
      * 
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-     * 
      */
     public Output> pathSuffix() {
         return Codegen.optional(this.pathSuffix);
diff --git a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java
index 9df4a3c76..07ed47a0d 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java
@@ -133,8 +133,6 @@ public Optional> orphan() {
     /**
      * Tokens created against this role will have the given suffix as part of their path in addition to the role name.
      * 
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-     * 
      */
     @Import(name="pathSuffix")
     private @Nullable Output pathSuffix;
@@ -142,8 +140,6 @@ public Optional> orphan() {
     /**
      * @return Tokens created against this role will have the given suffix as part of their path in addition to the role name.
      * 
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-     * 
      */
     public Optional> pathSuffix() {
         return Optional.ofNullable(this.pathSuffix);
@@ -562,8 +558,6 @@ public Builder orphan(Boolean orphan) {
         /**
          * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name.
          * 
-         * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-         * 
          * @return builder
          * 
          */
@@ -575,8 +569,6 @@ public Builder pathSuffix(@Nullable Output pathSuffix) {
         /**
          * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name.
          * 
-         * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-         * 
          * @return builder
          * 
          */
diff --git a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java
index d0927ec95..b72ed6e79 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java
@@ -132,8 +132,6 @@ public Optional> orphan() {
     /**
      * Tokens created against this role will have the given suffix as part of their path in addition to the role name.
      * 
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-     * 
      */
     @Import(name="pathSuffix")
     private @Nullable Output pathSuffix;
@@ -141,8 +139,6 @@ public Optional> orphan() {
     /**
      * @return Tokens created against this role will have the given suffix as part of their path in addition to the role name.
      * 
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-     * 
      */
     public Optional> pathSuffix() {
         return Optional.ofNullable(this.pathSuffix);
@@ -561,8 +557,6 @@ public Builder orphan(Boolean orphan) {
         /**
          * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name.
          * 
-         * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-         * 
          * @return builder
          * 
          */
@@ -574,8 +568,6 @@ public Builder pathSuffix(@Nullable Output pathSuffix) {
         /**
          * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name.
          * 
-         * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
-         * 
          * @return builder
          * 
          */
diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java b/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java
index b30db43a6..7c84c5243 100644
--- a/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java
+++ b/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java
@@ -21,7 +21,7 @@
  * It creates or updates a template with the given name. If a template with the name does not exist,
  * it will be created. If the template exists, it will be updated with the new attributes.
  * 
- * > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_.
+ * > Requires *Vault Enterprise with the Advanced Data Protection Transform Module*.
  * See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform)
  * for more information.
  * 
diff --git a/sdk/nodejs/audit.ts b/sdk/nodejs/audit.ts
index 698fe010d..ed290628b 100644
--- a/sdk/nodejs/audit.ts
+++ b/sdk/nodejs/audit.ts
@@ -7,7 +7,7 @@ import * as utilities from "./utilities";
 /**
  * ## Example Usage
  *
- * ### File Audit Device)
+ * ### file audit device)
  *
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
@@ -21,7 +21,7 @@ import * as utilities from "./utilities";
  * });
  * ```
  *
- * ### Socket Audit Device)
+ * ### socket audit device)
  *
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
diff --git a/sdk/nodejs/aws/authBackendClient.ts b/sdk/nodejs/aws/authBackendClient.ts
index 520d483ad..40cf6cc69 100644
--- a/sdk/nodejs/aws/authBackendClient.ts
+++ b/sdk/nodejs/aws/authBackendClient.ts
@@ -95,7 +95,7 @@ export class AuthBackendClient extends pulumi.CustomResource {
      */
     public readonly iamServerIdHeaderValue!: pulumi.Output;
     /**
-     * The audience claim value. Mutually exclusive with `accessKey`. 
+     * The audience claim value. Mutually exclusive with `accessKey`.
      * Requires Vault 1.17+. *Available only for Vault Enterprise*
      */
     public readonly identityTokenAudience!: pulumi.Output;
@@ -105,7 +105,7 @@ export class AuthBackendClient extends pulumi.CustomResource {
      */
     public readonly identityTokenTtl!: pulumi.Output;
     /**
-     * Number of max retries the client should use for recoverable errors. 
+     * Number of max retries the client should use for recoverable errors.
      * The default `-1` falls back to the AWS SDK's default behavior.
      */
     public readonly maxRetries!: pulumi.Output;
@@ -132,12 +132,12 @@ export class AuthBackendClient extends pulumi.CustomResource {
      */
     public readonly stsEndpoint!: pulumi.Output;
     /**
-     * Override the default region when making STS API 
+     * Override the default region when making STS API
      * calls. The `stsEndpoint` argument must be set when using `stsRegion`.
      */
     public readonly stsRegion!: pulumi.Output;
     /**
-     * Available in Vault v1.15+. If set, 
+     * Available in Vault v1.15+. If set,
      * overrides both `stsEndpoint` and `stsRegion` to instead use the region
      * specified in the client request headers for IAM-based authentication.
      * This can be useful when you have client requests coming from different
@@ -227,7 +227,7 @@ export interface AuthBackendClientState {
      */
     iamServerIdHeaderValue?: pulumi.Input;
     /**
-     * The audience claim value. Mutually exclusive with `accessKey`. 
+     * The audience claim value. Mutually exclusive with `accessKey`.
      * Requires Vault 1.17+. *Available only for Vault Enterprise*
      */
     identityTokenAudience?: pulumi.Input;
@@ -237,7 +237,7 @@ export interface AuthBackendClientState {
      */
     identityTokenTtl?: pulumi.Input;
     /**
-     * Number of max retries the client should use for recoverable errors. 
+     * Number of max retries the client should use for recoverable errors.
      * The default `-1` falls back to the AWS SDK's default behavior.
      */
     maxRetries?: pulumi.Input;
@@ -264,12 +264,12 @@ export interface AuthBackendClientState {
      */
     stsEndpoint?: pulumi.Input;
     /**
-     * Override the default region when making STS API 
+     * Override the default region when making STS API
      * calls. The `stsEndpoint` argument must be set when using `stsRegion`.
      */
     stsRegion?: pulumi.Input;
     /**
-     * Available in Vault v1.15+. If set, 
+     * Available in Vault v1.15+. If set,
      * overrides both `stsEndpoint` and `stsRegion` to instead use the region
      * specified in the client request headers for IAM-based authentication.
      * This can be useful when you have client requests coming from different
@@ -309,7 +309,7 @@ export interface AuthBackendClientArgs {
      */
     iamServerIdHeaderValue?: pulumi.Input;
     /**
-     * The audience claim value. Mutually exclusive with `accessKey`. 
+     * The audience claim value. Mutually exclusive with `accessKey`.
      * Requires Vault 1.17+. *Available only for Vault Enterprise*
      */
     identityTokenAudience?: pulumi.Input;
@@ -319,7 +319,7 @@ export interface AuthBackendClientArgs {
      */
     identityTokenTtl?: pulumi.Input;
     /**
-     * Number of max retries the client should use for recoverable errors. 
+     * Number of max retries the client should use for recoverable errors.
      * The default `-1` falls back to the AWS SDK's default behavior.
      */
     maxRetries?: pulumi.Input;
@@ -346,12 +346,12 @@ export interface AuthBackendClientArgs {
      */
     stsEndpoint?: pulumi.Input;
     /**
-     * Override the default region when making STS API 
+     * Override the default region when making STS API
      * calls. The `stsEndpoint` argument must be set when using `stsRegion`.
      */
     stsRegion?: pulumi.Input;
     /**
-     * Available in Vault v1.15+. If set, 
+     * Available in Vault v1.15+. If set,
      * overrides both `stsEndpoint` and `stsRegion` to instead use the region
      * specified in the client request headers for IAM-based authentication.
      * This can be useful when you have client requests coming from different
diff --git a/sdk/nodejs/aws/secretBackendRole.ts b/sdk/nodejs/aws/secretBackendRole.ts
index 177ff7ffb..46eb57301 100644
--- a/sdk/nodejs/aws/secretBackendRole.ts
+++ b/sdk/nodejs/aws/secretBackendRole.ts
@@ -89,7 +89,7 @@ export class SecretBackendRole extends pulumi.CustomResource {
      */
     public readonly defaultStsTtl!: pulumi.Output;
     /**
-     * External ID to set for assume role creds. 
+     * External ID to set for assume role creds.
      * Valid only when `credentialType` is set to `assumedRole`.
      */
     public readonly externalId!: pulumi.Output;
@@ -126,7 +126,7 @@ export class SecretBackendRole extends pulumi.CustomResource {
      */
     public readonly namespace!: pulumi.Output;
     /**
-     * The ARN of the AWS Permissions 
+     * The ARN of the AWS Permissions
      * Boundary to attach to IAM users created in the role. Valid only when
      * `credentialType` is `iamUser`. If not specified, then no permissions boundary
      * policy will be attached.
@@ -163,7 +163,7 @@ export class SecretBackendRole extends pulumi.CustomResource {
      */
     public readonly sessionTags!: pulumi.Output<{[key: string]: string} | undefined>;
     /**
-     * The path for the user name. Valid only when 
+     * The path for the user name. Valid only when
      * `credentialType` is `iamUser`. Default is `/`.
      */
     public readonly userPath!: pulumi.Output;
@@ -249,7 +249,7 @@ export interface SecretBackendRoleState {
      */
     defaultStsTtl?: pulumi.Input;
     /**
-     * External ID to set for assume role creds. 
+     * External ID to set for assume role creds.
      * Valid only when `credentialType` is set to `assumedRole`.
      */
     externalId?: pulumi.Input;
@@ -286,7 +286,7 @@ export interface SecretBackendRoleState {
      */
     namespace?: pulumi.Input;
     /**
-     * The ARN of the AWS Permissions 
+     * The ARN of the AWS Permissions
      * Boundary to attach to IAM users created in the role. Valid only when
      * `credentialType` is `iamUser`. If not specified, then no permissions boundary
      * policy will be attached.
@@ -323,7 +323,7 @@ export interface SecretBackendRoleState {
      */
     sessionTags?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * The path for the user name. Valid only when 
+     * The path for the user name. Valid only when
      * `credentialType` is `iamUser`. Default is `/`.
      */
     userPath?: pulumi.Input;
@@ -353,7 +353,7 @@ export interface SecretBackendRoleArgs {
      */
     defaultStsTtl?: pulumi.Input;
     /**
-     * External ID to set for assume role creds. 
+     * External ID to set for assume role creds.
      * Valid only when `credentialType` is set to `assumedRole`.
      */
     externalId?: pulumi.Input;
@@ -390,7 +390,7 @@ export interface SecretBackendRoleArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * The ARN of the AWS Permissions 
+     * The ARN of the AWS Permissions
      * Boundary to attach to IAM users created in the role. Valid only when
      * `credentialType` is `iamUser`. If not specified, then no permissions boundary
      * policy will be attached.
@@ -427,7 +427,7 @@ export interface SecretBackendRoleArgs {
      */
     sessionTags?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * The path for the user name. Valid only when 
+     * The path for the user name. Valid only when
      * `credentialType` is `iamUser`. Default is `/`.
      */
     userPath?: pulumi.Input;
diff --git a/sdk/nodejs/azure/backend.ts b/sdk/nodejs/azure/backend.ts
index 5302dc19e..2cc7a4105 100644
--- a/sdk/nodejs/azure/backend.ts
+++ b/sdk/nodejs/azure/backend.ts
@@ -7,7 +7,7 @@ import * as utilities from "../utilities";
 /**
  * ## Example Usage
  *
- * ### *Vault-1.9 And Above*
+ * ### vault-1.9 and above
  *
  * You can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration:
  * ```typescript
@@ -37,7 +37,7 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
- * ### *Vault-1.8 And Below*
+ * ### vault-1.8 and below
  *
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
diff --git a/sdk/nodejs/azure/getAccessCredentials.ts b/sdk/nodejs/azure/getAccessCredentials.ts
index 89f4a89ca..92aadf5fa 100644
--- a/sdk/nodejs/azure/getAccessCredentials.ts
+++ b/sdk/nodejs/azure/getAccessCredentials.ts
@@ -55,12 +55,11 @@ export interface GetAccessCredentialsArgs {
     /**
      * The Azure environment to use during credential validation.
      * Defaults to the environment configured in the Vault backend.
-     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-     * *See the caveats section for more information on this field.*
+     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
      */
     environment?: string;
     /**
-     * If 'validate_creds' is true, 
+     * If 'validate_creds' is true,
      * the number of seconds after which to give up validating credentials. Defaults
      * to 300.
      */
@@ -73,13 +72,13 @@ export interface GetAccessCredentialsArgs {
      */
     namespace?: string;
     /**
-     * If 'validate_creds' is true, 
+     * If 'validate_creds' is true,
      * the number of seconds to wait between each test of generated credentials.
      * Defaults to 1.
      */
     numSecondsBetweenTests?: number;
     /**
-     * If 'validate_creds' is true, 
+     * If 'validate_creds' is true,
      * the number of sequential successes required to validate generated
      * credentials. Defaults to 8.
      */
@@ -91,18 +90,16 @@ export interface GetAccessCredentialsArgs {
     role: string;
     /**
      * The subscription ID to use during credential
-     * validation. Defaults to the subscription ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      */
     subscriptionId?: string;
     /**
      * The tenant ID to use during credential validation.
-     * Defaults to the tenant ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      */
     tenantId?: string;
     /**
-     * Whether generated credentials should be 
+     * Whether generated credentials should be
      * validated before being returned. Defaults to `false`, which returns
      * credentials without checking whether they have fully propagated throughout
      * Azure Active Directory. Designating `true` activates testing.
@@ -187,12 +184,11 @@ export interface GetAccessCredentialsOutputArgs {
     /**
      * The Azure environment to use during credential validation.
      * Defaults to the environment configured in the Vault backend.
-     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-     * *See the caveats section for more information on this field.*
+     * Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
      */
     environment?: pulumi.Input;
     /**
-     * If 'validate_creds' is true, 
+     * If 'validate_creds' is true,
      * the number of seconds after which to give up validating credentials. Defaults
      * to 300.
      */
@@ -205,13 +201,13 @@ export interface GetAccessCredentialsOutputArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * If 'validate_creds' is true, 
+     * If 'validate_creds' is true,
      * the number of seconds to wait between each test of generated credentials.
      * Defaults to 1.
      */
     numSecondsBetweenTests?: pulumi.Input;
     /**
-     * If 'validate_creds' is true, 
+     * If 'validate_creds' is true,
      * the number of sequential successes required to validate generated
      * credentials. Defaults to 8.
      */
@@ -223,18 +219,16 @@ export interface GetAccessCredentialsOutputArgs {
     role: pulumi.Input;
     /**
      * The subscription ID to use during credential
-     * validation. Defaults to the subscription ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      */
     subscriptionId?: pulumi.Input;
     /**
      * The tenant ID to use during credential validation.
-     * Defaults to the tenant ID configured in the Vault `backend`.
-     * *See the caveats section for more information on this field.*
+     * Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
      */
     tenantId?: pulumi.Input;
     /**
-     * Whether generated credentials should be 
+     * Whether generated credentials should be
      * validated before being returned. Defaults to `false`, which returns
      * credentials without checking whether they have fully propagated throughout
      * Azure Active Directory. Designating `true` activates testing.
diff --git a/sdk/nodejs/consul/secretBackend.ts b/sdk/nodejs/consul/secretBackend.ts
index d8fd63b35..c94c0f9ad 100644
--- a/sdk/nodejs/consul/secretBackend.ts
+++ b/sdk/nodejs/consul/secretBackend.ts
@@ -7,7 +7,7 @@ import * as utilities from "../utilities";
 /**
  * ## Example Usage
  *
- * ### Creating a standard backend resource:
+ * #### Creating a standard backend resource:
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as vault from "@pulumi/vault";
@@ -20,7 +20,7 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
- * ### Creating a backend resource to bootstrap a new Consul instance:
+ * #### Creating a backend resource to bootstrap a new Consul instance:
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as vault from "@pulumi/vault";
diff --git a/sdk/nodejs/database/secretsMount.ts b/sdk/nodejs/database/secretsMount.ts
index 6859e18e8..8cf700288 100644
--- a/sdk/nodejs/database/secretsMount.ts
+++ b/sdk/nodejs/database/secretsMount.ts
@@ -111,13 +111,11 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly auditNonHmacResponseKeys!: pulumi.Output;
     /**
-     * A nested block containing configuration options for Cassandra connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      */
     public readonly cassandras!: pulumi.Output;
     /**
-     * A nested block containing configuration options for Couchbase connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      */
     public readonly couchbases!: pulumi.Output;
     /**
@@ -133,8 +131,7 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly description!: pulumi.Output;
     /**
-     * A nested block containing configuration options for Elasticsearch connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      */
     public readonly elasticsearches!: pulumi.Output;
     /**
@@ -146,8 +143,7 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly externalEntropyAccess!: pulumi.Output;
     /**
-     * A nested block containing configuration options for SAP HanaDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      */
     public readonly hanas!: pulumi.Output;
     /**
@@ -155,8 +151,7 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly identityTokenKey!: pulumi.Output;
     /**
-     * A nested block containing configuration options for InfluxDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      */
     public readonly influxdbs!: pulumi.Output;
     /**
@@ -172,38 +167,31 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly maxLeaseTtlSeconds!: pulumi.Output;
     /**
-     * A nested block containing configuration options for MongoDB Atlas connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      */
     public readonly mongodbatlas!: pulumi.Output;
     /**
-     * A nested block containing configuration options for MongoDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      */
     public readonly mongodbs!: pulumi.Output;
     /**
-     * A nested block containing configuration options for MSSQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      */
     public readonly mssqls!: pulumi.Output;
     /**
-     * A nested block containing configuration options for Aurora MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      */
     public readonly mysqlAuroras!: pulumi.Output;
     /**
-     * A nested block containing configuration options for legacy MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      */
     public readonly mysqlLegacies!: pulumi.Output;
     /**
-     * A nested block containing configuration options for RDS MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      */
     public readonly mysqlRds!: pulumi.Output;
     /**
-     * A nested block containing configuration options for MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      */
     public readonly mysqls!: pulumi.Output;
     /**
@@ -215,8 +203,7 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly options!: pulumi.Output<{[key: string]: string} | undefined>;
     /**
-     * A nested block containing configuration options for Oracle connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      */
     public readonly oracles!: pulumi.Output;
     /**
@@ -232,23 +219,19 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly pluginVersion!: pulumi.Output;
     /**
-     * A nested block containing configuration options for PostgreSQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      */
     public readonly postgresqls!: pulumi.Output;
     /**
-     * A nested block containing configuration options for Redis connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      */
     public readonly redis!: pulumi.Output;
     /**
-     * A nested block containing configuration options for Redis ElastiCache connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      */
     public readonly redisElasticaches!: pulumi.Output;
     /**
-     * A nested block containing configuration options for AWS Redshift connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      */
     public readonly redshifts!: pulumi.Output;
     /**
@@ -256,8 +239,7 @@ export class SecretsMount extends pulumi.CustomResource {
      */
     public readonly sealWrap!: pulumi.Output;
     /**
-     * A nested block containing configuration options for Snowflake connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      */
     public readonly snowflakes!: pulumi.Output;
 
@@ -388,13 +370,11 @@ export interface SecretsMountState {
      */
     auditNonHmacResponseKeys?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Cassandra connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      */
     cassandras?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Couchbase connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      */
     couchbases?: pulumi.Input[]>;
     /**
@@ -410,8 +390,7 @@ export interface SecretsMountState {
      */
     description?: pulumi.Input;
     /**
-     * A nested block containing configuration options for Elasticsearch connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      */
     elasticsearches?: pulumi.Input[]>;
     /**
@@ -423,8 +402,7 @@ export interface SecretsMountState {
      */
     externalEntropyAccess?: pulumi.Input;
     /**
-     * A nested block containing configuration options for SAP HanaDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      */
     hanas?: pulumi.Input[]>;
     /**
@@ -432,8 +410,7 @@ export interface SecretsMountState {
      */
     identityTokenKey?: pulumi.Input;
     /**
-     * A nested block containing configuration options for InfluxDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      */
     influxdbs?: pulumi.Input[]>;
     /**
@@ -449,38 +426,31 @@ export interface SecretsMountState {
      */
     maxLeaseTtlSeconds?: pulumi.Input;
     /**
-     * A nested block containing configuration options for MongoDB Atlas connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      */
     mongodbatlas?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for MongoDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      */
     mongodbs?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for MSSQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      */
     mssqls?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Aurora MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      */
     mysqlAuroras?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for legacy MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      */
     mysqlLegacies?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for RDS MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      */
     mysqlRds?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      */
     mysqls?: pulumi.Input[]>;
     /**
@@ -492,8 +462,7 @@ export interface SecretsMountState {
      */
     options?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * A nested block containing configuration options for Oracle connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      */
     oracles?: pulumi.Input[]>;
     /**
@@ -509,23 +478,19 @@ export interface SecretsMountState {
      */
     pluginVersion?: pulumi.Input;
     /**
-     * A nested block containing configuration options for PostgreSQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      */
     postgresqls?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Redis connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      */
     redis?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Redis ElastiCache connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      */
     redisElasticaches?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for AWS Redshift connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      */
     redshifts?: pulumi.Input[]>;
     /**
@@ -533,8 +498,7 @@ export interface SecretsMountState {
      */
     sealWrap?: pulumi.Input;
     /**
-     * A nested block containing configuration options for Snowflake connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      */
     snowflakes?: pulumi.Input[]>;
 }
@@ -562,13 +526,11 @@ export interface SecretsMountArgs {
      */
     auditNonHmacResponseKeys?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Cassandra connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
      */
     cassandras?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Couchbase connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
      */
     couchbases?: pulumi.Input[]>;
     /**
@@ -584,8 +546,7 @@ export interface SecretsMountArgs {
      */
     description?: pulumi.Input;
     /**
-     * A nested block containing configuration options for Elasticsearch connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
      */
     elasticsearches?: pulumi.Input[]>;
     /**
@@ -593,8 +554,7 @@ export interface SecretsMountArgs {
      */
     externalEntropyAccess?: pulumi.Input;
     /**
-     * A nested block containing configuration options for SAP HanaDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
      */
     hanas?: pulumi.Input[]>;
     /**
@@ -602,8 +562,7 @@ export interface SecretsMountArgs {
      */
     identityTokenKey?: pulumi.Input;
     /**
-     * A nested block containing configuration options for InfluxDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
      */
     influxdbs?: pulumi.Input[]>;
     /**
@@ -619,38 +578,31 @@ export interface SecretsMountArgs {
      */
     maxLeaseTtlSeconds?: pulumi.Input;
     /**
-     * A nested block containing configuration options for MongoDB Atlas connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
      */
     mongodbatlas?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for MongoDB connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
      */
     mongodbs?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for MSSQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
      */
     mssqls?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Aurora MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
      */
     mysqlAuroras?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for legacy MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
      */
     mysqlLegacies?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for RDS MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
      */
     mysqlRds?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for MySQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
      */
     mysqls?: pulumi.Input[]>;
     /**
@@ -662,8 +614,7 @@ export interface SecretsMountArgs {
      */
     options?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * A nested block containing configuration options for Oracle connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
      */
     oracles?: pulumi.Input[]>;
     /**
@@ -679,23 +630,19 @@ export interface SecretsMountArgs {
      */
     pluginVersion?: pulumi.Input;
     /**
-     * A nested block containing configuration options for PostgreSQL connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
      */
     postgresqls?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Redis connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
      */
     redis?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for Redis ElastiCache connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
      */
     redisElasticaches?: pulumi.Input[]>;
     /**
-     * A nested block containing configuration options for AWS Redshift connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
      */
     redshifts?: pulumi.Input[]>;
     /**
@@ -703,8 +650,7 @@ export interface SecretsMountArgs {
      */
     sealWrap?: pulumi.Input;
     /**
-     * A nested block containing configuration options for Snowflake connections.  
-     * *See Configuration Options for more info*
+     * A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
      */
     snowflakes?: pulumi.Input[]>;
 }
diff --git a/sdk/nodejs/getNomadAccessToken.ts b/sdk/nodejs/getNomadAccessToken.ts
index c8dd5c24a..a4d08fc08 100644
--- a/sdk/nodejs/getNomadAccessToken.ts
+++ b/sdk/nodejs/getNomadAccessToken.ts
@@ -69,7 +69,7 @@ export interface GetNomadAccessTokenArgs {
  */
 export interface GetNomadAccessTokenResult {
     /**
-     * The public identifier for a specific token. It can be used 
+     * The public identifier for a specific token. It can be used
      * to look up information about a token or to revoke a token.
      */
     readonly accessorId: string;
diff --git a/sdk/nodejs/identity/getOidcOpenidConfig.ts b/sdk/nodejs/identity/getOidcOpenidConfig.ts
index 9b206cc86..e3e1d6cb3 100644
--- a/sdk/nodejs/identity/getOidcOpenidConfig.ts
+++ b/sdk/nodejs/identity/getOidcOpenidConfig.ts
@@ -80,7 +80,7 @@ export interface GetOidcOpenidConfigResult {
      */
     readonly id: string;
     /**
-     * The signing algorithms supported by 
+     * The signing algorithms supported by
      * the provider.
      */
     readonly idTokenSigningAlgValuesSupporteds: string[];
@@ -95,7 +95,7 @@ export interface GetOidcOpenidConfigResult {
     readonly name: string;
     readonly namespace?: string;
     /**
-     * Specifies whether Request URI Parameter is 
+     * Specifies whether Request URI Parameter is
      * supported by the provider.
      */
     readonly requestUriParameterSupported: boolean;
diff --git a/sdk/nodejs/identity/getOidcPublicKeys.ts b/sdk/nodejs/identity/getOidcPublicKeys.ts
index f5846708a..2d5db90c8 100644
--- a/sdk/nodejs/identity/getOidcPublicKeys.ts
+++ b/sdk/nodejs/identity/getOidcPublicKeys.ts
@@ -72,7 +72,7 @@ export interface GetOidcPublicKeysResult {
      */
     readonly id: string;
     /**
-     * The public portion of keys for an OIDC provider. 
+     * The public portion of keys for an OIDC provider.
      * Clients can use them to validate the authenticity of an identity token.
      */
     readonly keys: {[key: string]: string}[];
diff --git a/sdk/nodejs/identity/groupMemberGroupIds.ts b/sdk/nodejs/identity/groupMemberGroupIds.ts
index 5d1bfac8f..8848b4f30 100644
--- a/sdk/nodejs/identity/groupMemberGroupIds.ts
+++ b/sdk/nodejs/identity/groupMemberGroupIds.ts
@@ -5,6 +5,15 @@ import * as pulumi from "@pulumi/pulumi";
 import * as utilities from "../utilities";
 
 /**
+ * layout: "vault"
+ * page_title: "Vault: vault.identity.GroupMemberGroupIds resource"
+ * sidebar_current: "docs-vault-resource-identity-group-member-group-ids"
+ * description: |-
+ * Manages member groups for an Identity Group for Vault.
+ * 
+ *
+ * # vault\_identity\_group\_member\_group\_ids
+ *
  * Manages member groups for an Identity Group for Vault. The
  * [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)
  * is the identity management solution for Vault.
diff --git a/sdk/nodejs/identity/oidcClient.ts b/sdk/nodejs/identity/oidcClient.ts
index 109db4ab0..8e19a9de2 100644
--- a/sdk/nodejs/identity/oidcClient.ts
+++ b/sdk/nodejs/identity/oidcClient.ts
@@ -91,7 +91,7 @@ export class OidcClient extends pulumi.CustomResource {
      */
     public readonly clientType!: pulumi.Output;
     /**
-     * The time-to-live for ID tokens obtained by the client. 
+     * The time-to-live for ID tokens obtained by the client.
      * The value should be less than the `verificationTtl` on the key.
      */
     public readonly idTokenTtl!: pulumi.Output;
@@ -113,7 +113,7 @@ export class OidcClient extends pulumi.CustomResource {
      */
     public readonly namespace!: pulumi.Output;
     /**
-     * Redirection URI values used by the client. 
+     * Redirection URI values used by the client.
      * One of these values must exactly match the `redirectUri` parameter value
      * used in each authentication request.
      */
@@ -189,7 +189,7 @@ export interface OidcClientState {
      */
     clientType?: pulumi.Input;
     /**
-     * The time-to-live for ID tokens obtained by the client. 
+     * The time-to-live for ID tokens obtained by the client.
      * The value should be less than the `verificationTtl` on the key.
      */
     idTokenTtl?: pulumi.Input;
@@ -211,7 +211,7 @@ export interface OidcClientState {
      */
     namespace?: pulumi.Input;
     /**
-     * Redirection URI values used by the client. 
+     * Redirection URI values used by the client.
      * One of these values must exactly match the `redirectUri` parameter value
      * used in each authentication request.
      */
@@ -236,7 +236,7 @@ export interface OidcClientArgs {
      */
     clientType?: pulumi.Input;
     /**
-     * The time-to-live for ID tokens obtained by the client. 
+     * The time-to-live for ID tokens obtained by the client.
      * The value should be less than the `verificationTtl` on the key.
      */
     idTokenTtl?: pulumi.Input;
@@ -258,7 +258,7 @@ export interface OidcClientArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * Redirection URI values used by the client. 
+     * Redirection URI values used by the client.
      * One of these values must exactly match the `redirectUri` parameter value
      * used in each authentication request.
      */
diff --git a/sdk/nodejs/identity/oidcProvider.ts b/sdk/nodejs/identity/oidcProvider.ts
index 1835e41f8..9e18b782f 100644
--- a/sdk/nodejs/identity/oidcProvider.ts
+++ b/sdk/nodejs/identity/oidcProvider.ts
@@ -90,7 +90,7 @@ export class OidcProvider extends pulumi.CustomResource {
     }
 
     /**
-     * The client IDs that are permitted to use the provider. 
+     * The client IDs that are permitted to use the provider.
      * If empty, no clients are allowed. If `*`, all clients are allowed.
      */
     public readonly allowedClientIds!: pulumi.Output;
@@ -164,7 +164,7 @@ export class OidcProvider extends pulumi.CustomResource {
  */
 export interface OidcProviderState {
     /**
-     * The client IDs that are permitted to use the provider. 
+     * The client IDs that are permitted to use the provider.
      * If empty, no clients are allowed. If `*`, all clients are allowed.
      */
     allowedClientIds?: pulumi.Input[]>;
@@ -204,7 +204,7 @@ export interface OidcProviderState {
  */
 export interface OidcProviderArgs {
     /**
-     * The client IDs that are permitted to use the provider. 
+     * The client IDs that are permitted to use the provider.
      * If empty, no clients are allowed. If `*`, all clients are allowed.
      */
     allowedClientIds?: pulumi.Input[]>;
diff --git a/sdk/nodejs/jwt/authBackendRole.ts b/sdk/nodejs/jwt/authBackendRole.ts
index 0a1e2ca05..f5a869053 100644
--- a/sdk/nodejs/jwt/authBackendRole.ts
+++ b/sdk/nodejs/jwt/authBackendRole.ts
@@ -156,7 +156,7 @@ export class AuthBackendRole extends pulumi.CustomResource {
      */
     public readonly groupsClaim!: pulumi.Output;
     /**
-     * Specifies the allowable elapsed time in seconds since the last time 
+     * Specifies the allowable elapsed time in seconds since the last time
      * the user was actively authenticated with the OIDC provider.
      */
     public readonly maxAge!: pulumi.Output;
@@ -392,7 +392,7 @@ export interface AuthBackendRoleState {
      */
     groupsClaim?: pulumi.Input;
     /**
-     * Specifies the allowable elapsed time in seconds since the last time 
+     * Specifies the allowable elapsed time in seconds since the last time
      * the user was actively authenticated with the OIDC provider.
      */
     maxAge?: pulumi.Input;
@@ -544,7 +544,7 @@ export interface AuthBackendRoleArgs {
      */
     groupsClaim?: pulumi.Input;
     /**
-     * Specifies the allowable elapsed time in seconds since the last time 
+     * Specifies the allowable elapsed time in seconds since the last time
      * the user was actively authenticated with the OIDC provider.
      */
     maxAge?: pulumi.Input;
diff --git a/sdk/nodejs/kubernetes/getServiceAccountToken.ts b/sdk/nodejs/kubernetes/getServiceAccountToken.ts
index a143ad63d..64e6ab7a5 100644
--- a/sdk/nodejs/kubernetes/getServiceAccountToken.ts
+++ b/sdk/nodejs/kubernetes/getServiceAccountToken.ts
@@ -67,17 +67,17 @@ export function getServiceAccountToken(args: GetServiceAccountTokenArgs, opts?:
  */
 export interface GetServiceAccountTokenArgs {
     /**
-     * The Kubernetes secret backend to generate service account 
+     * The Kubernetes secret backend to generate service account
      * tokens from.
      */
     backend: string;
     /**
-     * If true, generate a ClusterRoleBinding to grant 
+     * If true, generate a ClusterRoleBinding to grant
      * permissions across the whole cluster instead of within a namespace.
      */
     clusterRoleBinding?: boolean;
     /**
-     * The name of the Kubernetes namespace in which to 
+     * The name of the Kubernetes namespace in which to
      * generate the credentials.
      */
     kubernetesNamespace: string;
@@ -89,12 +89,12 @@ export interface GetServiceAccountTokenArgs {
      */
     namespace?: string;
     /**
-     * The name of the Kubernetes secret backend role to generate service 
+     * The name of the Kubernetes secret backend role to generate service
      * account tokens from.
      */
     role: string;
     /**
-     * The TTL of the generated Kubernetes service account token, specified in 
+     * The TTL of the generated Kubernetes service account token, specified in
      * seconds or as a Go duration format string.
      */
     ttl?: string;
@@ -193,17 +193,17 @@ export function getServiceAccountTokenOutput(args: GetServiceAccountTokenOutputA
  */
 export interface GetServiceAccountTokenOutputArgs {
     /**
-     * The Kubernetes secret backend to generate service account 
+     * The Kubernetes secret backend to generate service account
      * tokens from.
      */
     backend: pulumi.Input;
     /**
-     * If true, generate a ClusterRoleBinding to grant 
+     * If true, generate a ClusterRoleBinding to grant
      * permissions across the whole cluster instead of within a namespace.
      */
     clusterRoleBinding?: pulumi.Input;
     /**
-     * The name of the Kubernetes namespace in which to 
+     * The name of the Kubernetes namespace in which to
      * generate the credentials.
      */
     kubernetesNamespace: pulumi.Input;
@@ -215,12 +215,12 @@ export interface GetServiceAccountTokenOutputArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * The name of the Kubernetes secret backend role to generate service 
+     * The name of the Kubernetes secret backend role to generate service
      * account tokens from.
      */
     role: pulumi.Input;
     /**
-     * The TTL of the generated Kubernetes service account token, specified in 
+     * The TTL of the generated Kubernetes service account token, specified in
      * seconds or as a Go duration format string.
      */
     ttl?: pulumi.Input;
diff --git a/sdk/nodejs/kubernetes/secretBackend.ts b/sdk/nodejs/kubernetes/secretBackend.ts
index e0bad213e..7838d2afe 100644
--- a/sdk/nodejs/kubernetes/secretBackend.ts
+++ b/sdk/nodejs/kubernetes/secretBackend.ts
@@ -97,7 +97,7 @@ export class SecretBackend extends pulumi.CustomResource {
      */
     public readonly description!: pulumi.Output;
     /**
-     * Disable defaulting to the local CA certificate and 
+     * Disable defaulting to the local CA certificate and
      * service account JWT when Vault is running in a Kubernetes pod.
      */
     public readonly disableLocalCaJwt!: pulumi.Output;
@@ -110,14 +110,14 @@ export class SecretBackend extends pulumi.CustomResource {
      */
     public readonly identityTokenKey!: pulumi.Output;
     /**
-     * A PEM-encoded CA certificate used by the 
+     * A PEM-encoded CA certificate used by the
      * secrets engine to verify the Kubernetes API server certificate. Defaults to the local
      * pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
      * Vault is running.
      */
     public readonly kubernetesCaCert!: pulumi.Output;
     /**
-     * The Kubernetes API URL to connect to. Required if the 
+     * The Kubernetes API URL to connect to. Required if the
      * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
      * are not set on the host that Vault is running on.
      */
@@ -277,7 +277,7 @@ export interface SecretBackendState {
      */
     description?: pulumi.Input;
     /**
-     * Disable defaulting to the local CA certificate and 
+     * Disable defaulting to the local CA certificate and
      * service account JWT when Vault is running in a Kubernetes pod.
      */
     disableLocalCaJwt?: pulumi.Input;
@@ -290,14 +290,14 @@ export interface SecretBackendState {
      */
     identityTokenKey?: pulumi.Input;
     /**
-     * A PEM-encoded CA certificate used by the 
+     * A PEM-encoded CA certificate used by the
      * secrets engine to verify the Kubernetes API server certificate. Defaults to the local
      * pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
      * Vault is running.
      */
     kubernetesCaCert?: pulumi.Input;
     /**
-     * The Kubernetes API URL to connect to. Required if the 
+     * The Kubernetes API URL to connect to. Required if the
      * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
      * are not set on the host that Vault is running on.
      */
@@ -382,7 +382,7 @@ export interface SecretBackendArgs {
      */
     description?: pulumi.Input;
     /**
-     * Disable defaulting to the local CA certificate and 
+     * Disable defaulting to the local CA certificate and
      * service account JWT when Vault is running in a Kubernetes pod.
      */
     disableLocalCaJwt?: pulumi.Input;
@@ -395,14 +395,14 @@ export interface SecretBackendArgs {
      */
     identityTokenKey?: pulumi.Input;
     /**
-     * A PEM-encoded CA certificate used by the 
+     * A PEM-encoded CA certificate used by the
      * secrets engine to verify the Kubernetes API server certificate. Defaults to the local
      * pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
      * Vault is running.
      */
     kubernetesCaCert?: pulumi.Input;
     /**
-     * The Kubernetes API URL to connect to. Required if the 
+     * The Kubernetes API URL to connect to. Required if the
      * standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
      * are not set on the host that Vault is running on.
      */
diff --git a/sdk/nodejs/kubernetes/secretBackendRole.ts b/sdk/nodejs/kubernetes/secretBackendRole.ts
index 1efe278ed..4b7781504 100644
--- a/sdk/nodejs/kubernetes/secretBackendRole.ts
+++ b/sdk/nodejs/kubernetes/secretBackendRole.ts
@@ -162,14 +162,14 @@ export class SecretBackendRole extends pulumi.CustomResource {
     }
 
     /**
-     * A label selector for Kubernetes namespaces 
+     * A label selector for Kubernetes namespaces
      * in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
      * of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
      * If set with `allowedKubernetesNamespace`, the conditions are `OR`ed.
      */
     public readonly allowedKubernetesNamespaceSelector!: pulumi.Output;
     /**
-     * The list of Kubernetes namespaces this role 
+     * The list of Kubernetes namespaces this role
      * can generate credentials for. If set to `*` all namespaces are allowed. If set with
      * `allowedKubernetesNamespaceSelector`, the conditions are `OR`ed.
      */
@@ -180,33 +180,33 @@ export class SecretBackendRole extends pulumi.CustomResource {
      */
     public readonly backend!: pulumi.Output;
     /**
-     * Additional annotations to apply to all generated 
+     * Additional annotations to apply to all generated
      * Kubernetes objects.
      */
     public readonly extraAnnotations!: pulumi.Output<{[key: string]: string} | undefined>;
     /**
-     * Additional labels to apply to all generated Kubernetes 
+     * Additional labels to apply to all generated Kubernetes
      * objects.
      *
      * This resource also directly accepts all vault.Mount fields.
      */
     public readonly extraLabels!: pulumi.Output<{[key: string]: string} | undefined>;
     /**
-     * The Role or ClusterRole rules to use when generating 
+     * The Role or ClusterRole rules to use when generating
      * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName`
      * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated
      * when credentials are requested.
      */
     public readonly generatedRoleRules!: pulumi.Output;
     /**
-     * The pre-existing Role or ClusterRole to bind a 
+     * The pre-existing Role or ClusterRole to bind a
      * generated service account to. Mutually exclusive with `serviceAccountName` and
      * `generatedRoleRules`. If set, Kubernetes token, service account, and role
      * binding objects will be created when credentials are requested.
      */
     public readonly kubernetesRoleName!: pulumi.Output;
     /**
-     * Specifies whether the Kubernetes role is a Role or 
+     * Specifies whether the Kubernetes role is a Role or
      * ClusterRole.
      */
     public readonly kubernetesRoleType!: pulumi.Output;
@@ -215,7 +215,7 @@ export class SecretBackendRole extends pulumi.CustomResource {
      */
     public readonly name!: pulumi.Output;
     /**
-     * The name template to use when generating service accounts, 
+     * The name template to use when generating service accounts,
      * roles and role bindings. If unset, a default template is used.
      */
     public readonly nameTemplate!: pulumi.Output;
@@ -298,14 +298,14 @@ export class SecretBackendRole extends pulumi.CustomResource {
  */
 export interface SecretBackendRoleState {
     /**
-     * A label selector for Kubernetes namespaces 
+     * A label selector for Kubernetes namespaces
      * in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
      * of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
      * If set with `allowedKubernetesNamespace`, the conditions are `OR`ed.
      */
     allowedKubernetesNamespaceSelector?: pulumi.Input;
     /**
-     * The list of Kubernetes namespaces this role 
+     * The list of Kubernetes namespaces this role
      * can generate credentials for. If set to `*` all namespaces are allowed. If set with
      * `allowedKubernetesNamespaceSelector`, the conditions are `OR`ed.
      */
@@ -316,33 +316,33 @@ export interface SecretBackendRoleState {
      */
     backend?: pulumi.Input;
     /**
-     * Additional annotations to apply to all generated 
+     * Additional annotations to apply to all generated
      * Kubernetes objects.
      */
     extraAnnotations?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * Additional labels to apply to all generated Kubernetes 
+     * Additional labels to apply to all generated Kubernetes
      * objects.
      *
      * This resource also directly accepts all vault.Mount fields.
      */
     extraLabels?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * The Role or ClusterRole rules to use when generating 
+     * The Role or ClusterRole rules to use when generating
      * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName`
      * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated
      * when credentials are requested.
      */
     generatedRoleRules?: pulumi.Input;
     /**
-     * The pre-existing Role or ClusterRole to bind a 
+     * The pre-existing Role or ClusterRole to bind a
      * generated service account to. Mutually exclusive with `serviceAccountName` and
      * `generatedRoleRules`. If set, Kubernetes token, service account, and role
      * binding objects will be created when credentials are requested.
      */
     kubernetesRoleName?: pulumi.Input;
     /**
-     * Specifies whether the Kubernetes role is a Role or 
+     * Specifies whether the Kubernetes role is a Role or
      * ClusterRole.
      */
     kubernetesRoleType?: pulumi.Input;
@@ -351,7 +351,7 @@ export interface SecretBackendRoleState {
      */
     name?: pulumi.Input;
     /**
-     * The name template to use when generating service accounts, 
+     * The name template to use when generating service accounts,
      * roles and role bindings. If unset, a default template is used.
      */
     nameTemplate?: pulumi.Input;
@@ -383,14 +383,14 @@ export interface SecretBackendRoleState {
  */
 export interface SecretBackendRoleArgs {
     /**
-     * A label selector for Kubernetes namespaces 
+     * A label selector for Kubernetes namespaces
      * in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
      * of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
      * If set with `allowedKubernetesNamespace`, the conditions are `OR`ed.
      */
     allowedKubernetesNamespaceSelector?: pulumi.Input;
     /**
-     * The list of Kubernetes namespaces this role 
+     * The list of Kubernetes namespaces this role
      * can generate credentials for. If set to `*` all namespaces are allowed. If set with
      * `allowedKubernetesNamespaceSelector`, the conditions are `OR`ed.
      */
@@ -401,33 +401,33 @@ export interface SecretBackendRoleArgs {
      */
     backend: pulumi.Input;
     /**
-     * Additional annotations to apply to all generated 
+     * Additional annotations to apply to all generated
      * Kubernetes objects.
      */
     extraAnnotations?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * Additional labels to apply to all generated Kubernetes 
+     * Additional labels to apply to all generated Kubernetes
      * objects.
      *
      * This resource also directly accepts all vault.Mount fields.
      */
     extraLabels?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * The Role or ClusterRole rules to use when generating 
+     * The Role or ClusterRole rules to use when generating
      * a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName`
      * and `kubernetesRoleName`. If set, the entire chain of Kubernetes objects will be generated
      * when credentials are requested.
      */
     generatedRoleRules?: pulumi.Input;
     /**
-     * The pre-existing Role or ClusterRole to bind a 
+     * The pre-existing Role or ClusterRole to bind a
      * generated service account to. Mutually exclusive with `serviceAccountName` and
      * `generatedRoleRules`. If set, Kubernetes token, service account, and role
      * binding objects will be created when credentials are requested.
      */
     kubernetesRoleName?: pulumi.Input;
     /**
-     * Specifies whether the Kubernetes role is a Role or 
+     * Specifies whether the Kubernetes role is a Role or
      * ClusterRole.
      */
     kubernetesRoleType?: pulumi.Input;
@@ -436,7 +436,7 @@ export interface SecretBackendRoleArgs {
      */
     name?: pulumi.Input;
     /**
-     * The name template to use when generating service accounts, 
+     * The name template to use when generating service accounts,
      * roles and role bindings. If unset, a default template is used.
      */
     nameTemplate?: pulumi.Input;
diff --git a/sdk/nodejs/kv/getSecret.ts b/sdk/nodejs/kv/getSecret.ts
index 2aa434db7..e7722b80a 100644
--- a/sdk/nodejs/kv/getSecret.ts
+++ b/sdk/nodejs/kv/getSecret.ts
@@ -82,7 +82,7 @@ export interface GetSecretResult {
      */
     readonly id: string;
     /**
-     * The duration of the secret lease, in seconds. Once 
+     * The duration of the secret lease, in seconds. Once
      * this time has passed any plan generated with this data may fail to apply.
      */
     readonly leaseDuration: number;
@@ -91,7 +91,7 @@ export interface GetSecretResult {
      */
     readonly leaseId: string;
     /**
-     * True if the duration of this lease can be extended 
+     * True if the duration of this lease can be extended
      * through renewal.
      */
     readonly leaseRenewable: boolean;
diff --git a/sdk/nodejs/kv/getSecretSubkeysV2.ts b/sdk/nodejs/kv/getSecretSubkeysV2.ts
index b9e00cc9d..088f26ef9 100644
--- a/sdk/nodejs/kv/getSecretSubkeysV2.ts
+++ b/sdk/nodejs/kv/getSecretSubkeysV2.ts
@@ -79,7 +79,7 @@ export interface GetSecretSubkeysV2Args {
      */
     namespace?: string;
     /**
-     * Specifies the version to return. If not 
+     * Specifies the version to return. If not
      * set the latest version is returned.
      */
     version?: number;
@@ -178,7 +178,7 @@ export interface GetSecretSubkeysV2OutputArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * Specifies the version to return. If not 
+     * Specifies the version to return. If not
      * set the latest version is returned.
      */
     version?: pulumi.Input;
diff --git a/sdk/nodejs/mfaOkta.ts b/sdk/nodejs/mfaOkta.ts
index 82b7ff66f..fb45527ea 100644
--- a/sdk/nodejs/mfaOkta.ts
+++ b/sdk/nodejs/mfaOkta.ts
@@ -69,12 +69,12 @@ export class MfaOkta extends pulumi.CustomResource {
      */
     public readonly apiToken!: pulumi.Output;
     /**
-     * `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+     * `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
      * `oktapreview.com`, and `okta-emea.com`.
      */
     public readonly baseUrl!: pulumi.Output;
     /**
-     * `(string: )` - The mount to tie this method to for use in automatic mappings. 
+     * `(string: )` - The mount to tie this method to for use in automatic mappings.
      * The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
      */
     public readonly mountAccessor!: pulumi.Output;
@@ -94,12 +94,12 @@ export class MfaOkta extends pulumi.CustomResource {
      */
     public readonly orgName!: pulumi.Output;
     /**
-     * `(string: )` - If set to true, the username will only match the 
+     * `(string: )` - If set to true, the username will only match the
      * primary email for the account.
      */
     public readonly primaryEmail!: pulumi.Output;
     /**
-     * `(string)` - A format string for mapping Identity names to MFA method names. 
+     * `(string)` - A format string for mapping Identity names to MFA method names.
      * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
      * If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
      * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter
@@ -166,12 +166,12 @@ export interface MfaOktaState {
      */
     apiToken?: pulumi.Input;
     /**
-     * `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+     * `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
      * `oktapreview.com`, and `okta-emea.com`.
      */
     baseUrl?: pulumi.Input;
     /**
-     * `(string: )` - The mount to tie this method to for use in automatic mappings. 
+     * `(string: )` - The mount to tie this method to for use in automatic mappings.
      * The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
      */
     mountAccessor?: pulumi.Input;
@@ -191,12 +191,12 @@ export interface MfaOktaState {
      */
     orgName?: pulumi.Input;
     /**
-     * `(string: )` - If set to true, the username will only match the 
+     * `(string: )` - If set to true, the username will only match the
      * primary email for the account.
      */
     primaryEmail?: pulumi.Input;
     /**
-     * `(string)` - A format string for mapping Identity names to MFA method names. 
+     * `(string)` - A format string for mapping Identity names to MFA method names.
      * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
      * If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
      * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter
@@ -216,12 +216,12 @@ export interface MfaOktaArgs {
      */
     apiToken: pulumi.Input;
     /**
-     * `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+     * `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
      * `oktapreview.com`, and `okta-emea.com`.
      */
     baseUrl?: pulumi.Input;
     /**
-     * `(string: )` - The mount to tie this method to for use in automatic mappings. 
+     * `(string: )` - The mount to tie this method to for use in automatic mappings.
      * The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
      */
     mountAccessor: pulumi.Input;
@@ -241,12 +241,12 @@ export interface MfaOktaArgs {
      */
     orgName: pulumi.Input;
     /**
-     * `(string: )` - If set to true, the username will only match the 
+     * `(string: )` - If set to true, the username will only match the
      * primary email for the account.
      */
     primaryEmail?: pulumi.Input;
     /**
-     * `(string)` - A format string for mapping Identity names to MFA method names. 
+     * `(string)` - A format string for mapping Identity names to MFA method names.
      * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
      * If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
      * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter
diff --git a/sdk/nodejs/mfaPingid.ts b/sdk/nodejs/mfaPingid.ts
index fd60cd5ca..64159029a 100644
--- a/sdk/nodejs/mfaPingid.ts
+++ b/sdk/nodejs/mfaPingid.ts
@@ -78,7 +78,7 @@ export class MfaPingid extends pulumi.CustomResource {
      */
     public /*out*/ readonly idpUrl!: pulumi.Output;
     /**
-     * `(string: )` - The mount to tie this method to for use in automatic mappings. 
+     * `(string: )` - The mount to tie this method to for use in automatic mappings.
      * The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
      */
     public readonly mountAccessor!: pulumi.Output;
@@ -115,7 +115,7 @@ export class MfaPingid extends pulumi.CustomResource {
      */
     public /*out*/ readonly useSignature!: pulumi.Output;
     /**
-     * `(string)` - A format string for mapping Identity names to MFA method names. 
+     * `(string)` - A format string for mapping Identity names to MFA method names.
      * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
      * If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
      * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter
@@ -193,7 +193,7 @@ export interface MfaPingidState {
      */
     idpUrl?: pulumi.Input;
     /**
-     * `(string: )` - The mount to tie this method to for use in automatic mappings. 
+     * `(string: )` - The mount to tie this method to for use in automatic mappings.
      * The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
      */
     mountAccessor?: pulumi.Input;
@@ -230,7 +230,7 @@ export interface MfaPingidState {
      */
     useSignature?: pulumi.Input;
     /**
-     * `(string)` - A format string for mapping Identity names to MFA method names. 
+     * `(string)` - A format string for mapping Identity names to MFA method names.
      * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
      * If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
      * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter
@@ -246,7 +246,7 @@ export interface MfaPingidState {
  */
 export interface MfaPingidArgs {
     /**
-     * `(string: )` - The mount to tie this method to for use in automatic mappings. 
+     * `(string: )` - The mount to tie this method to for use in automatic mappings.
      * The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
      */
     mountAccessor: pulumi.Input;
@@ -267,7 +267,7 @@ export interface MfaPingidArgs {
      */
     settingsFileBase64: pulumi.Input;
     /**
-     * `(string)` - A format string for mapping Identity names to MFA method names. 
+     * `(string)` - A format string for mapping Identity names to MFA method names.
      * Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
      * If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
      * - alias.name: The name returned by the mount configured via the `mountAccessor` parameter
diff --git a/sdk/nodejs/mongodbatlas/secretRole.ts b/sdk/nodejs/mongodbatlas/secretRole.ts
index aa88a89bd..5ac2b4d94 100644
--- a/sdk/nodejs/mongodbatlas/secretRole.ts
+++ b/sdk/nodejs/mongodbatlas/secretRole.ts
@@ -100,7 +100,7 @@ export class SecretRole extends pulumi.CustomResource {
      */
     public readonly namespace!: pulumi.Output;
     /**
-     * Unique identifier for the organization to which the target API Key belongs. 
+     * Unique identifier for the organization to which the target API Key belongs.
      * Required if `projectId` is not set.
      */
     public readonly organizationId!: pulumi.Output;
@@ -203,7 +203,7 @@ export interface SecretRoleState {
      */
     namespace?: pulumi.Input;
     /**
-     * Unique identifier for the organization to which the target API Key belongs. 
+     * Unique identifier for the organization to which the target API Key belongs.
      * Required if `projectId` is not set.
      */
     organizationId?: pulumi.Input;
@@ -258,7 +258,7 @@ export interface SecretRoleArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * Unique identifier for the organization to which the target API Key belongs. 
+     * Unique identifier for the organization to which the target API Key belongs.
      * Required if `projectId` is not set.
      */
     organizationId?: pulumi.Input;
diff --git a/sdk/nodejs/nomadSecretRole.ts b/sdk/nodejs/nomadSecretRole.ts
index 47c6aa5de..173c4238f 100644
--- a/sdk/nodejs/nomadSecretRole.ts
+++ b/sdk/nodejs/nomadSecretRole.ts
@@ -68,7 +68,7 @@ export class NomadSecretRole extends pulumi.CustomResource {
      */
     public readonly backend!: pulumi.Output;
     /**
-     * Specifies if the generated token should be global. Defaults to 
+     * Specifies if the generated token should be global. Defaults to
      * false.
      */
     public readonly global!: pulumi.Output;
@@ -80,7 +80,7 @@ export class NomadSecretRole extends pulumi.CustomResource {
      */
     public readonly namespace!: pulumi.Output;
     /**
-     * List of policies attached to the generated token. This setting is only used 
+     * List of policies attached to the generated token. This setting is only used
      * when `type` is 'client'.
      */
     public readonly policies!: pulumi.Output;
@@ -90,7 +90,7 @@ export class NomadSecretRole extends pulumi.CustomResource {
      */
     public readonly role!: pulumi.Output;
     /**
-     * Specifies the type of token to create when using this role. Valid 
+     * Specifies the type of token to create when using this role. Valid
      * settings are 'client' and 'management'. Defaults to 'client'.
      */
     public readonly type!: pulumi.Output;
@@ -143,7 +143,7 @@ export interface NomadSecretRoleState {
      */
     backend?: pulumi.Input;
     /**
-     * Specifies if the generated token should be global. Defaults to 
+     * Specifies if the generated token should be global. Defaults to
      * false.
      */
     global?: pulumi.Input;
@@ -155,7 +155,7 @@ export interface NomadSecretRoleState {
      */
     namespace?: pulumi.Input;
     /**
-     * List of policies attached to the generated token. This setting is only used 
+     * List of policies attached to the generated token. This setting is only used
      * when `type` is 'client'.
      */
     policies?: pulumi.Input[]>;
@@ -165,7 +165,7 @@ export interface NomadSecretRoleState {
      */
     role?: pulumi.Input;
     /**
-     * Specifies the type of token to create when using this role. Valid 
+     * Specifies the type of token to create when using this role. Valid
      * settings are 'client' and 'management'. Defaults to 'client'.
      */
     type?: pulumi.Input;
@@ -180,7 +180,7 @@ export interface NomadSecretRoleArgs {
      */
     backend: pulumi.Input;
     /**
-     * Specifies if the generated token should be global. Defaults to 
+     * Specifies if the generated token should be global. Defaults to
      * false.
      */
     global?: pulumi.Input;
@@ -192,7 +192,7 @@ export interface NomadSecretRoleArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * List of policies attached to the generated token. This setting is only used 
+     * List of policies attached to the generated token. This setting is only used
      * when `type` is 'client'.
      */
     policies?: pulumi.Input[]>;
@@ -202,7 +202,7 @@ export interface NomadSecretRoleArgs {
      */
     role: pulumi.Input;
     /**
-     * Specifies the type of token to create when using this role. Valid 
+     * Specifies the type of token to create when using this role. Valid
      * settings are 'client' and 'management'. Defaults to 'client'.
      */
     type?: pulumi.Input;
diff --git a/sdk/nodejs/pkisecret/getBackendIssuer.ts b/sdk/nodejs/pkisecret/getBackendIssuer.ts
index cd5bc8bf5..1a44234bb 100644
--- a/sdk/nodejs/pkisecret/getBackendIssuer.ts
+++ b/sdk/nodejs/pkisecret/getBackendIssuer.ts
@@ -96,7 +96,7 @@ export interface GetBackendIssuerResult {
      */
     readonly leafNotAfterBehavior: string;
     /**
-     * Chain of issuer references to build this issuer's computed 
+     * Chain of issuer references to build this issuer's computed
      * CAChain field from, when non-empty.
      */
     readonly manualChains: string[];
diff --git a/sdk/nodejs/pkisecret/secretBackendCrlConfig.ts b/sdk/nodejs/pkisecret/secretBackendCrlConfig.ts
index 04af1058f..110cbd62a 100644
--- a/sdk/nodejs/pkisecret/secretBackendCrlConfig.ts
+++ b/sdk/nodejs/pkisecret/secretBackendCrlConfig.ts
@@ -79,7 +79,7 @@ export class SecretBackendCrlConfig extends pulumi.CustomResource {
      */
     public readonly disable!: pulumi.Output;
     /**
-     * Enables building of delta CRLs with up-to-date revocation information, 
+     * Enables building of delta CRLs with up-to-date revocation information,
      * augmenting the last complete CRL.  **Vault 1.12+**
      */
     public readonly enableDelta!: pulumi.Output;
@@ -99,7 +99,7 @@ export class SecretBackendCrlConfig extends pulumi.CustomResource {
      */
     public readonly ocspDisable!: pulumi.Output;
     /**
-     * The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+     * The amount of time an OCSP response can be cached for, useful for OCSP stapling
      * refresh durations. **Vault 1.12+**
      */
     public readonly ocspExpiry!: pulumi.Output;
@@ -192,7 +192,7 @@ export interface SecretBackendCrlConfigState {
      */
     disable?: pulumi.Input;
     /**
-     * Enables building of delta CRLs with up-to-date revocation information, 
+     * Enables building of delta CRLs with up-to-date revocation information,
      * augmenting the last complete CRL.  **Vault 1.12+**
      */
     enableDelta?: pulumi.Input;
@@ -212,7 +212,7 @@ export interface SecretBackendCrlConfigState {
      */
     ocspDisable?: pulumi.Input;
     /**
-     * The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+     * The amount of time an OCSP response can be cached for, useful for OCSP stapling
      * refresh durations. **Vault 1.12+**
      */
     ocspExpiry?: pulumi.Input;
@@ -256,7 +256,7 @@ export interface SecretBackendCrlConfigArgs {
      */
     disable?: pulumi.Input;
     /**
-     * Enables building of delta CRLs with up-to-date revocation information, 
+     * Enables building of delta CRLs with up-to-date revocation information,
      * augmenting the last complete CRL.  **Vault 1.12+**
      */
     enableDelta?: pulumi.Input;
@@ -276,7 +276,7 @@ export interface SecretBackendCrlConfigArgs {
      */
     ocspDisable?: pulumi.Input;
     /**
-     * The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+     * The amount of time an OCSP response can be cached for, useful for OCSP stapling
      * refresh durations. **Vault 1.12+**
      */
     ocspExpiry?: pulumi.Input;
diff --git a/sdk/nodejs/pkisecret/secretBackendKey.ts b/sdk/nodejs/pkisecret/secretBackendKey.ts
index a4fe9ad53..ce5a75a35 100644
--- a/sdk/nodejs/pkisecret/secretBackendKey.ts
+++ b/sdk/nodejs/pkisecret/secretBackendKey.ts
@@ -48,7 +48,7 @@ export class SecretBackendKey extends pulumi.CustomResource {
      */
     public readonly backend!: pulumi.Output;
     /**
-     * Specifies the number of bits to use for the generated keys. 
+     * Specifies the number of bits to use for the generated keys.
      * Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
      * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
      * 384, or 521; ignored with `key_type=ed25519`.
@@ -59,7 +59,7 @@ export class SecretBackendKey extends pulumi.CustomResource {
      */
     public /*out*/ readonly keyId!: pulumi.Output;
     /**
-     * When a new key is created with this request, optionally specifies the name for this. 
+     * When a new key is created with this request, optionally specifies the name for this.
      * The global ref `default` may not be used as a name.
      */
     public readonly keyName!: pulumi.Output;
@@ -141,7 +141,7 @@ export interface SecretBackendKeyState {
      */
     backend?: pulumi.Input;
     /**
-     * Specifies the number of bits to use for the generated keys. 
+     * Specifies the number of bits to use for the generated keys.
      * Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
      * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
      * 384, or 521; ignored with `key_type=ed25519`.
@@ -152,7 +152,7 @@ export interface SecretBackendKeyState {
      */
     keyId?: pulumi.Input;
     /**
-     * When a new key is created with this request, optionally specifies the name for this. 
+     * When a new key is created with this request, optionally specifies the name for this.
      * The global ref `default` may not be used as a name.
      */
     keyName?: pulumi.Input;
@@ -190,14 +190,14 @@ export interface SecretBackendKeyArgs {
      */
     backend: pulumi.Input;
     /**
-     * Specifies the number of bits to use for the generated keys. 
+     * Specifies the number of bits to use for the generated keys.
      * Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
      * 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
      * 384, or 521; ignored with `key_type=ed25519`.
      */
     keyBits?: pulumi.Input;
     /**
-     * When a new key is created with this request, optionally specifies the name for this. 
+     * When a new key is created with this request, optionally specifies the name for this.
      * The global ref `default` may not be used as a name.
      */
     keyName?: pulumi.Input;
diff --git a/sdk/nodejs/pkisecret/secretBackendRootSignIntermediate.ts b/sdk/nodejs/pkisecret/secretBackendRootSignIntermediate.ts
index ec2bb5fd3..b83642fdd 100644
--- a/sdk/nodejs/pkisecret/secretBackendRootSignIntermediate.ts
+++ b/sdk/nodejs/pkisecret/secretBackendRootSignIntermediate.ts
@@ -70,7 +70,7 @@ export class SecretBackendRootSignIntermediate extends pulumi.CustomResource {
      */
     public /*out*/ readonly certificate!: pulumi.Output;
     /**
-     * The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). 
+     * The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
      * Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
      */
     public /*out*/ readonly certificateBundle!: pulumi.Output;
@@ -280,7 +280,7 @@ export interface SecretBackendRootSignIntermediateState {
      */
     certificate?: pulumi.Input;
     /**
-     * The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). 
+     * The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
      * Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
      */
     certificateBundle?: pulumi.Input;
diff --git a/sdk/nodejs/raftAutopilot.ts b/sdk/nodejs/raftAutopilot.ts
index 2e13dfb40..892c798e5 100644
--- a/sdk/nodejs/raftAutopilot.ts
+++ b/sdk/nodejs/raftAutopilot.ts
@@ -68,7 +68,7 @@ export class RaftAutopilot extends pulumi.CustomResource {
      */
     public readonly cleanupDeadServers!: pulumi.Output;
     /**
-     * Limit the amount of time a 
+     * Limit the amount of time a
      * server can go without leader contact before being considered failed. This only takes
      * effect when `cleanupDeadServers` is set.
      */
@@ -78,17 +78,17 @@ export class RaftAutopilot extends pulumi.CustomResource {
      */
     public readonly disableUpgradeMigration!: pulumi.Output;
     /**
-     * Limit the amount of time a server can go 
+     * Limit the amount of time a server can go
      * without leader contact before being considered unhealthy.
      */
     public readonly lastContactThreshold!: pulumi.Output;
     /**
-     * Maximum number of log entries in the Raft log 
+     * Maximum number of log entries in the Raft log
      * that a server can be behind its leader before being considered unhealthy.
      */
     public readonly maxTrailingLogs!: pulumi.Output;
     /**
-     * Minimum number of servers allowed in a cluster before 
+     * Minimum number of servers allowed in a cluster before
      * autopilot can prune dead servers. This should at least be 3. Applicable only for
      * voting nodes.
      */
@@ -101,7 +101,7 @@ export class RaftAutopilot extends pulumi.CustomResource {
      */
     public readonly namespace!: pulumi.Output;
     /**
-     * Minimum amount of time a server must be 
+     * Minimum amount of time a server must be
      * stable in the 'healthy' state before being added to the cluster.
      */
     public readonly serverStabilizationTime!: pulumi.Output;
@@ -153,7 +153,7 @@ export interface RaftAutopilotState {
      */
     cleanupDeadServers?: pulumi.Input;
     /**
-     * Limit the amount of time a 
+     * Limit the amount of time a
      * server can go without leader contact before being considered failed. This only takes
      * effect when `cleanupDeadServers` is set.
      */
@@ -163,17 +163,17 @@ export interface RaftAutopilotState {
      */
     disableUpgradeMigration?: pulumi.Input;
     /**
-     * Limit the amount of time a server can go 
+     * Limit the amount of time a server can go
      * without leader contact before being considered unhealthy.
      */
     lastContactThreshold?: pulumi.Input;
     /**
-     * Maximum number of log entries in the Raft log 
+     * Maximum number of log entries in the Raft log
      * that a server can be behind its leader before being considered unhealthy.
      */
     maxTrailingLogs?: pulumi.Input;
     /**
-     * Minimum number of servers allowed in a cluster before 
+     * Minimum number of servers allowed in a cluster before
      * autopilot can prune dead servers. This should at least be 3. Applicable only for
      * voting nodes.
      */
@@ -186,7 +186,7 @@ export interface RaftAutopilotState {
      */
     namespace?: pulumi.Input;
     /**
-     * Minimum amount of time a server must be 
+     * Minimum amount of time a server must be
      * stable in the 'healthy' state before being added to the cluster.
      */
     serverStabilizationTime?: pulumi.Input;
@@ -202,7 +202,7 @@ export interface RaftAutopilotArgs {
      */
     cleanupDeadServers?: pulumi.Input;
     /**
-     * Limit the amount of time a 
+     * Limit the amount of time a
      * server can go without leader contact before being considered failed. This only takes
      * effect when `cleanupDeadServers` is set.
      */
@@ -212,17 +212,17 @@ export interface RaftAutopilotArgs {
      */
     disableUpgradeMigration?: pulumi.Input;
     /**
-     * Limit the amount of time a server can go 
+     * Limit the amount of time a server can go
      * without leader contact before being considered unhealthy.
      */
     lastContactThreshold?: pulumi.Input;
     /**
-     * Maximum number of log entries in the Raft log 
+     * Maximum number of log entries in the Raft log
      * that a server can be behind its leader before being considered unhealthy.
      */
     maxTrailingLogs?: pulumi.Input;
     /**
-     * Minimum number of servers allowed in a cluster before 
+     * Minimum number of servers allowed in a cluster before
      * autopilot can prune dead servers. This should at least be 3. Applicable only for
      * voting nodes.
      */
@@ -235,7 +235,7 @@ export interface RaftAutopilotArgs {
      */
     namespace?: pulumi.Input;
     /**
-     * Minimum amount of time a server must be 
+     * Minimum amount of time a server must be
      * stable in the 'healthy' state before being added to the cluster.
      */
     serverStabilizationTime?: pulumi.Input;
diff --git a/sdk/nodejs/raftSnapshotAgentConfig.ts b/sdk/nodejs/raftSnapshotAgentConfig.ts
index 6ebb10548..2826f33a5 100644
--- a/sdk/nodejs/raftSnapshotAgentConfig.ts
+++ b/sdk/nodejs/raftSnapshotAgentConfig.ts
@@ -7,7 +7,7 @@ import * as utilities from "./utilities";
 /**
  * ## Example Usage
  *
- * ### Local Storage
+ * #### Local Storage
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as vault from "@pulumi/vault";
@@ -22,7 +22,7 @@ import * as utilities from "./utilities";
  * });
  * ```
  *
- * ### AWS S3
+ * #### AWS S3
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as aws from "@pulumi/aws";
@@ -46,7 +46,7 @@ import * as utilities from "./utilities";
  * });
  * ```
  *
- * ### Azure BLOB
+ * #### Azure BLOB
  *
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
diff --git a/sdk/nodejs/saml/authBackend.ts b/sdk/nodejs/saml/authBackend.ts
index c1ea556fa..78c5cd6cf 100644
--- a/sdk/nodejs/saml/authBackend.ts
+++ b/sdk/nodejs/saml/authBackend.ts
@@ -5,6 +5,15 @@ import * as pulumi from "@pulumi/pulumi";
 import * as utilities from "../utilities";
 
 /**
+ * layout: "vault"
+ * page_title: "Vault: vault.saml.AuthBackend resource"
+ * sidebar_current: "docs-vault-saml-auth-backend"
+ * description: |-
+ * Manages SAML Auth mounts in Vault.
+ * 
+ *
+ * # vault\_saml\_auth\_backend
+ *
  * Manages a SAML Auth mount in a Vault server. See the [Vault
  * documentation](https://www.vaultproject.io/docs/auth/saml/) for more
  * information.
@@ -93,7 +102,7 @@ export class AuthBackend extends pulumi.CustomResource {
      */
     public readonly idpMetadataUrl!: pulumi.Output;
     /**
-     * The SSO URL of the identity provider. Mutually exclusive with 
+     * The SSO URL of the identity provider. Mutually exclusive with
      * `idpMetadataUrl`.
      */
     public readonly idpSsoUrl!: pulumi.Output;
@@ -202,7 +211,7 @@ export interface AuthBackendState {
      */
     idpMetadataUrl?: pulumi.Input;
     /**
-     * The SSO URL of the identity provider. Mutually exclusive with 
+     * The SSO URL of the identity provider. Mutually exclusive with
      * `idpMetadataUrl`.
      */
     idpSsoUrl?: pulumi.Input;
@@ -263,7 +272,7 @@ export interface AuthBackendArgs {
      */
     idpMetadataUrl?: pulumi.Input;
     /**
-     * The SSO URL of the identity provider. Mutually exclusive with 
+     * The SSO URL of the identity provider. Mutually exclusive with
      * `idpMetadataUrl`.
      */
     idpSsoUrl?: pulumi.Input;
diff --git a/sdk/nodejs/saml/authBackendRole.ts b/sdk/nodejs/saml/authBackendRole.ts
index d5d72490f..a288f7a7f 100644
--- a/sdk/nodejs/saml/authBackendRole.ts
+++ b/sdk/nodejs/saml/authBackendRole.ts
@@ -5,6 +5,15 @@ import * as pulumi from "@pulumi/pulumi";
 import * as utilities from "../utilities";
 
 /**
+ * layout: "vault"
+ * page_title: "Vault: vault.saml.AuthBackendRole resource"
+ * sidebar_current: "docs-vault-resource-saml-auth-backend-role"
+ * description: |-
+ * Manages SAML auth backend roles in Vault.
+ * 
+ *
+ * # vault\_saml\_auth\_backend\_role
+ *
  * Manages an SAML auth backend role in a Vault server. See the [Vault
  * documentation](https://www.vaultproject.io/docs/auth/saml.html) for more
  * information.
diff --git a/sdk/nodejs/secrets/syncAwsDestination.ts b/sdk/nodejs/secrets/syncAwsDestination.ts
index 364ff75b6..6a40e7102 100644
--- a/sdk/nodejs/secrets/syncAwsDestination.ts
+++ b/sdk/nodejs/secrets/syncAwsDestination.ts
@@ -80,7 +80,7 @@ export class SyncAwsDestination extends pulumi.CustomResource {
      */
     public readonly externalId!: pulumi.Output;
     /**
-     * Determines what level of information is synced as a distinct resource 
+     * Determines what level of information is synced as a distinct resource
      * at the destination. Supports `secret-path` and `secret-key`.
      */
     public readonly granularity!: pulumi.Output;
@@ -101,7 +101,7 @@ export class SyncAwsDestination extends pulumi.CustomResource {
      */
     public readonly region!: pulumi.Output;
     /**
-     * Specifies a role to assume when connecting to AWS. When assuming a role, 
+     * Specifies a role to assume when connecting to AWS. When assuming a role,
      * Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
      * exist for Vault to be able to assume this role. The role can be in a different account.
      * The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -192,7 +192,7 @@ export interface SyncAwsDestinationState {
      */
     externalId?: pulumi.Input;
     /**
-     * Determines what level of information is synced as a distinct resource 
+     * Determines what level of information is synced as a distinct resource
      * at the destination. Supports `secret-path` and `secret-key`.
      */
     granularity?: pulumi.Input;
@@ -213,7 +213,7 @@ export interface SyncAwsDestinationState {
      */
     region?: pulumi.Input;
     /**
-     * Specifies a role to assume when connecting to AWS. When assuming a role, 
+     * Specifies a role to assume when connecting to AWS. When assuming a role,
      * Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
      * exist for Vault to be able to assume this role. The role can be in a different account.
      * The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -260,7 +260,7 @@ export interface SyncAwsDestinationArgs {
      */
     externalId?: pulumi.Input;
     /**
-     * Determines what level of information is synced as a distinct resource 
+     * Determines what level of information is synced as a distinct resource
      * at the destination. Supports `secret-path` and `secret-key`.
      */
     granularity?: pulumi.Input;
@@ -281,7 +281,7 @@ export interface SyncAwsDestinationArgs {
      */
     region?: pulumi.Input;
     /**
-     * Specifies a role to assume when connecting to AWS. When assuming a role, 
+     * Specifies a role to assume when connecting to AWS. When assuming a role,
      * Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
      * exist for Vault to be able to assume this role. The role can be in a different account.
      * The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
diff --git a/sdk/nodejs/secrets/syncGhDestination.ts b/sdk/nodejs/secrets/syncGhDestination.ts
index 1eeaa5c48..a7dec140f 100644
--- a/sdk/nodejs/secrets/syncGhDestination.ts
+++ b/sdk/nodejs/secrets/syncGhDestination.ts
@@ -63,8 +63,7 @@ export class SyncGhDestination extends pulumi.CustomResource {
      */
     public readonly accessToken!: pulumi.Output;
     /**
-     * The user-defined name of the GitHub App configuration. This is a reference to the name used   
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `accessToken` field.
      */
     public readonly appName!: pulumi.Output;
@@ -74,7 +73,7 @@ export class SyncGhDestination extends pulumi.CustomResource {
      */
     public readonly granularity!: pulumi.Output;
     /**
-     * The ID of the installation generated by GitHub when the app referenced by the `appName` 
+     * The ID of the installation generated by GitHub when the app referenced by the `appName`
      * was installed in the user’s GitHub account. Can be modified. Necessary if the `appName` field is also provided.
      */
     public readonly installationId!: pulumi.Output;
@@ -164,8 +163,7 @@ export interface SyncGhDestinationState {
      */
     accessToken?: pulumi.Input;
     /**
-     * The user-defined name of the GitHub App configuration. This is a reference to the name used   
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `accessToken` field.
      */
     appName?: pulumi.Input;
@@ -175,7 +173,7 @@ export interface SyncGhDestinationState {
      */
     granularity?: pulumi.Input;
     /**
-     * The ID of the installation generated by GitHub when the app referenced by the `appName` 
+     * The ID of the installation generated by GitHub when the app referenced by the `appName`
      * was installed in the user’s GitHub account. Can be modified. Necessary if the `appName` field is also provided.
      */
     installationId?: pulumi.Input;
@@ -223,8 +221,7 @@ export interface SyncGhDestinationArgs {
      */
     accessToken?: pulumi.Input;
     /**
-     * The user-defined name of the GitHub App configuration. This is a reference to the name used   
-     * on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+     * The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
      * Takes precedence over the `accessToken` field.
      */
     appName?: pulumi.Input;
@@ -234,7 +231,7 @@ export interface SyncGhDestinationArgs {
      */
     granularity?: pulumi.Input;
     /**
-     * The ID of the installation generated by GitHub when the app referenced by the `appName` 
+     * The ID of the installation generated by GitHub when the app referenced by the `appName`
      * was installed in the user’s GitHub account. Can be modified. Necessary if the `appName` field is also provided.
      */
     installationId?: pulumi.Input;
diff --git a/sdk/nodejs/ssh/secretBackendRole.ts b/sdk/nodejs/ssh/secretBackendRole.ts
index 97c6c2768..1921c7fa4 100644
--- a/sdk/nodejs/ssh/secretBackendRole.ts
+++ b/sdk/nodejs/ssh/secretBackendRole.ts
@@ -111,9 +111,7 @@ export class SecretBackendRole extends pulumi.CustomResource {
      */
     public readonly allowedExtensions!: pulumi.Output;
     /**
-     * Set of configuration blocks to define allowed  
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      */
     public readonly allowedUserKeyConfigs!: pulumi.Output;
     /**
@@ -305,9 +303,7 @@ export interface SecretBackendRoleState {
      */
     allowedExtensions?: pulumi.Input;
     /**
-     * Set of configuration blocks to define allowed  
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      */
     allowedUserKeyConfigs?: pulumi.Input[]>;
     /**
@@ -421,9 +417,7 @@ export interface SecretBackendRoleArgs {
      */
     allowedExtensions?: pulumi.Input;
     /**
-     * Set of configuration blocks to define allowed  
-     * user key configuration, like key type and their lengths. Can be specified multiple times.
-     * *See Configuration-Options for more info*
+     * Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
      */
     allowedUserKeyConfigs?: pulumi.Input[]>;
     /**
diff --git a/sdk/nodejs/terraformcloud/secretCreds.ts b/sdk/nodejs/terraformcloud/secretCreds.ts
index 55faaadc0..7bdeadfa3 100644
--- a/sdk/nodejs/terraformcloud/secretCreds.ts
+++ b/sdk/nodejs/terraformcloud/secretCreds.ts
@@ -58,7 +58,7 @@ export class SecretCreds extends pulumi.CustomResource {
 
     public readonly backend!: pulumi.Output;
     /**
-     * The lease associated with the token. Only user tokens will have a 
+     * The lease associated with the token. Only user tokens will have a
      * Vault lease associated with them.
      */
     public /*out*/ readonly leaseId!: pulumi.Output;
@@ -87,7 +87,7 @@ export class SecretCreds extends pulumi.CustomResource {
      */
     public /*out*/ readonly token!: pulumi.Output;
     /**
-     * The public identifier for a specific token. It can be used 
+     * The public identifier for a specific token. It can be used
      * to look up information about a token or to revoke a token.
      */
     public /*out*/ readonly tokenId!: pulumi.Output;
@@ -143,7 +143,7 @@ export class SecretCreds extends pulumi.CustomResource {
 export interface SecretCredsState {
     backend?: pulumi.Input;
     /**
-     * The lease associated with the token. Only user tokens will have a 
+     * The lease associated with the token. Only user tokens will have a
      * Vault lease associated with them.
      */
     leaseId?: pulumi.Input;
@@ -172,7 +172,7 @@ export interface SecretCredsState {
      */
     token?: pulumi.Input;
     /**
-     * The public identifier for a specific token. It can be used 
+     * The public identifier for a specific token. It can be used
      * to look up information about a token or to revoke a token.
      */
     tokenId?: pulumi.Input;
diff --git a/sdk/nodejs/tokenauth/authBackendRole.ts b/sdk/nodejs/tokenauth/authBackendRole.ts
index 29e5ee9f2..90b35ab05 100644
--- a/sdk/nodejs/tokenauth/authBackendRole.ts
+++ b/sdk/nodejs/tokenauth/authBackendRole.ts
@@ -100,8 +100,6 @@ export class AuthBackendRole extends pulumi.CustomResource {
     public readonly orphan!: pulumi.Output;
     /**
      * Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-     *
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
      */
     public readonly pathSuffix!: pulumi.Output;
     /**
@@ -248,8 +246,6 @@ export interface AuthBackendRoleState {
     orphan?: pulumi.Input;
     /**
      * Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-     *
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
      */
     pathSuffix?: pulumi.Input;
     /**
@@ -335,8 +331,6 @@ export interface AuthBackendRoleArgs {
     orphan?: pulumi.Input;
     /**
      * Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-     *
-     * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
      */
     pathSuffix?: pulumi.Input;
     /**
diff --git a/sdk/nodejs/transform/template.ts b/sdk/nodejs/transform/template.ts
index 249103f77..e8f21555e 100644
--- a/sdk/nodejs/transform/template.ts
+++ b/sdk/nodejs/transform/template.ts
@@ -10,7 +10,7 @@ import * as utilities from "../utilities";
  * It creates or updates a template with the given name. If a template with the name does not exist,
  * it will be created. If the template exists, it will be updated with the new attributes.
  *
- * > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_.
+ * > Requires *Vault Enterprise with the Advanced Data Protection Transform Module*.
  * See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform)
  * for more information.
  *
diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts
index 31ae319be..b42fc8ce4 100644
--- a/sdk/nodejs/types/input.ts
+++ b/sdk/nodejs/types/input.ts
@@ -2489,7 +2489,6 @@ export namespace gcp {
          * Specifies the type of tokens that should be returned by
          * the mount. Valid values are "default-service", "default-batch", "service", "batch".
          *
-         *
          * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
          */
         tokenType?: pulumi.Input;
diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts
index d18cdd908..e0e67a2fc 100644
--- a/sdk/nodejs/types/output.ts
+++ b/sdk/nodejs/types/output.ts
@@ -2436,7 +2436,6 @@ export namespace gcp {
          * Specifies the type of tokens that should be returned by
          * the mount. Valid values are "default-service", "default-batch", "service", "batch".
          *
-         *
          * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
          */
         tokenType?: string;
diff --git a/sdk/python/pulumi_vault/audit.py b/sdk/python/pulumi_vault/audit.py
index cccc33c0a..063694c2f 100644
--- a/sdk/python/pulumi_vault/audit.py
+++ b/sdk/python/pulumi_vault/audit.py
@@ -252,7 +252,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### File Audit Device)
+        ### file audit device)
 
         ```python
         import pulumi
@@ -265,7 +265,7 @@ def __init__(__self__,
             })
         ```
 
-        ### Socket Audit Device)
+        ### socket audit device)
 
         ```python
         import pulumi
@@ -313,7 +313,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### File Audit Device)
+        ### file audit device)
 
         ```python
         import pulumi
@@ -326,7 +326,7 @@ def __init__(__self__,
             })
         ```
 
-        ### Socket Audit Device)
+        ### socket audit device)
 
         ```python
         import pulumi
diff --git a/sdk/python/pulumi_vault/aws/auth_backend_client.py b/sdk/python/pulumi_vault/aws/auth_backend_client.py
index 4eb3c9a97..425c5e2b8 100644
--- a/sdk/python/pulumi_vault/aws/auth_backend_client.py
+++ b/sdk/python/pulumi_vault/aws/auth_backend_client.py
@@ -41,11 +41,11 @@ def __init__(__self__, *,
         :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
                `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
                that are used in the IAM auth method.
-        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`. 
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
                Requires Vault 1.17+. *Available only for Vault Enterprise*
         :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
                *Available only for Vault Enterprise*
-        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors. 
+        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
                The default `-1` falls back to the AWS SDK's default behavior.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -57,9 +57,9 @@ def __init__(__self__, *,
                auth backend.
         :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
                calls.
-        :param pulumi.Input[str] sts_region: Override the default region when making STS API 
+        :param pulumi.Input[str] sts_region: Override the default region when making STS API
                calls. The `sts_endpoint` argument must be set when using `sts_region`.
-        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, 
+        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set,
                overrides both `sts_endpoint` and `sts_region` to instead use the region
                specified in the client request headers for IAM-based authentication.
                This can be useful when you have client requests coming from different
@@ -164,7 +164,7 @@ def iam_server_id_header_value(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="identityTokenAudience")
     def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
         """
-        The audience claim value. Mutually exclusive with `access_key`. 
+        The audience claim value. Mutually exclusive with `access_key`.
         Requires Vault 1.17+. *Available only for Vault Enterprise*
         """
         return pulumi.get(self, "identity_token_audience")
@@ -190,7 +190,7 @@ def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter(name="maxRetries")
     def max_retries(self) -> Optional[pulumi.Input[int]]:
         """
-        Number of max retries the client should use for recoverable errors. 
+        Number of max retries the client should use for recoverable errors.
         The default `-1` falls back to the AWS SDK's default behavior.
         """
         return pulumi.get(self, "max_retries")
@@ -257,7 +257,7 @@ def sts_endpoint(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="stsRegion")
     def sts_region(self) -> Optional[pulumi.Input[str]]:
         """
-        Override the default region when making STS API 
+        Override the default region when making STS API
         calls. The `sts_endpoint` argument must be set when using `sts_region`.
         """
         return pulumi.get(self, "sts_region")
@@ -270,7 +270,7 @@ def sts_region(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="useStsRegionFromClient")
     def use_sts_region_from_client(self) -> Optional[pulumi.Input[bool]]:
         """
-        Available in Vault v1.15+. If set, 
+        Available in Vault v1.15+. If set,
         overrides both `sts_endpoint` and `sts_region` to instead use the region
         specified in the client request headers for IAM-based authentication.
         This can be useful when you have client requests coming from different
@@ -313,11 +313,11 @@ def __init__(__self__, *,
         :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
                `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
                that are used in the IAM auth method.
-        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`. 
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
                Requires Vault 1.17+. *Available only for Vault Enterprise*
         :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
                *Available only for Vault Enterprise*
-        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors. 
+        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
                The default `-1` falls back to the AWS SDK's default behavior.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -329,9 +329,9 @@ def __init__(__self__, *,
                auth backend.
         :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
                calls.
-        :param pulumi.Input[str] sts_region: Override the default region when making STS API 
+        :param pulumi.Input[str] sts_region: Override the default region when making STS API
                calls. The `sts_endpoint` argument must be set when using `sts_region`.
-        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, 
+        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set,
                overrides both `sts_endpoint` and `sts_region` to instead use the region
                specified in the client request headers for IAM-based authentication.
                This can be useful when you have client requests coming from different
@@ -436,7 +436,7 @@ def iam_server_id_header_value(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="identityTokenAudience")
     def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
         """
-        The audience claim value. Mutually exclusive with `access_key`. 
+        The audience claim value. Mutually exclusive with `access_key`.
         Requires Vault 1.17+. *Available only for Vault Enterprise*
         """
         return pulumi.get(self, "identity_token_audience")
@@ -462,7 +462,7 @@ def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter(name="maxRetries")
     def max_retries(self) -> Optional[pulumi.Input[int]]:
         """
-        Number of max retries the client should use for recoverable errors. 
+        Number of max retries the client should use for recoverable errors.
         The default `-1` falls back to the AWS SDK's default behavior.
         """
         return pulumi.get(self, "max_retries")
@@ -529,7 +529,7 @@ def sts_endpoint(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="stsRegion")
     def sts_region(self) -> Optional[pulumi.Input[str]]:
         """
-        Override the default region when making STS API 
+        Override the default region when making STS API
         calls. The `sts_endpoint` argument must be set when using `sts_region`.
         """
         return pulumi.get(self, "sts_region")
@@ -542,7 +542,7 @@ def sts_region(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="useStsRegionFromClient")
     def use_sts_region_from_client(self) -> Optional[pulumi.Input[bool]]:
         """
-        Available in Vault v1.15+. If set, 
+        Available in Vault v1.15+. If set,
         overrides both `sts_endpoint` and `sts_region` to instead use the region
         specified in the client request headers for IAM-based authentication.
         This can be useful when you have client requests coming from different
@@ -622,11 +622,11 @@ def __init__(__self__,
         :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
                `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
                that are used in the IAM auth method.
-        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`. 
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
                Requires Vault 1.17+. *Available only for Vault Enterprise*
         :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
                *Available only for Vault Enterprise*
-        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors. 
+        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
                The default `-1` falls back to the AWS SDK's default behavior.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -638,9 +638,9 @@ def __init__(__self__,
                auth backend.
         :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
                calls.
-        :param pulumi.Input[str] sts_region: Override the default region when making STS API 
+        :param pulumi.Input[str] sts_region: Override the default region when making STS API
                calls. The `sts_endpoint` argument must be set when using `sts_region`.
-        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, 
+        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set,
                overrides both `sts_endpoint` and `sts_region` to instead use the region
                specified in the client request headers for IAM-based authentication.
                This can be useful when you have client requests coming from different
@@ -782,11 +782,11 @@ def get(resource_name: str,
         :param pulumi.Input[str] iam_server_id_header_value: The value to require in the
                `X-Vault-AWS-IAM-Server-ID` header as part of `GetCallerIdentity` requests
                that are used in the IAM auth method.
-        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`. 
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Mutually exclusive with `access_key`.
                Requires Vault 1.17+. *Available only for Vault Enterprise*
         :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
                *Available only for Vault Enterprise*
-        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors. 
+        :param pulumi.Input[int] max_retries: Number of max retries the client should use for recoverable errors.
                The default `-1` falls back to the AWS SDK's default behavior.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -798,9 +798,9 @@ def get(resource_name: str,
                auth backend.
         :param pulumi.Input[str] sts_endpoint: Override the URL Vault uses when making STS API
                calls.
-        :param pulumi.Input[str] sts_region: Override the default region when making STS API 
+        :param pulumi.Input[str] sts_region: Override the default region when making STS API
                calls. The `sts_endpoint` argument must be set when using `sts_region`.
-        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set, 
+        :param pulumi.Input[bool] use_sts_region_from_client: Available in Vault v1.15+. If set,
                overrides both `sts_endpoint` and `sts_region` to instead use the region
                specified in the client request headers for IAM-based authentication.
                This can be useful when you have client requests coming from different
@@ -876,7 +876,7 @@ def iam_server_id_header_value(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="identityTokenAudience")
     def identity_token_audience(self) -> pulumi.Output[Optional[str]]:
         """
-        The audience claim value. Mutually exclusive with `access_key`. 
+        The audience claim value. Mutually exclusive with `access_key`.
         Requires Vault 1.17+. *Available only for Vault Enterprise*
         """
         return pulumi.get(self, "identity_token_audience")
@@ -894,7 +894,7 @@ def identity_token_ttl(self) -> pulumi.Output[int]:
     @pulumi.getter(name="maxRetries")
     def max_retries(self) -> pulumi.Output[Optional[int]]:
         """
-        Number of max retries the client should use for recoverable errors. 
+        Number of max retries the client should use for recoverable errors.
         The default `-1` falls back to the AWS SDK's default behavior.
         """
         return pulumi.get(self, "max_retries")
@@ -941,7 +941,7 @@ def sts_endpoint(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="stsRegion")
     def sts_region(self) -> pulumi.Output[Optional[str]]:
         """
-        Override the default region when making STS API 
+        Override the default region when making STS API
         calls. The `sts_endpoint` argument must be set when using `sts_region`.
         """
         return pulumi.get(self, "sts_region")
@@ -950,7 +950,7 @@ def sts_region(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="useStsRegionFromClient")
     def use_sts_region_from_client(self) -> pulumi.Output[bool]:
         """
-        Available in Vault v1.15+. If set, 
+        Available in Vault v1.15+. If set,
         overrides both `sts_endpoint` and `sts_region` to instead use the region
         specified in the client request headers for IAM-based authentication.
         This can be useful when you have client requests coming from different
diff --git a/sdk/python/pulumi_vault/aws/secret_backend_role.py b/sdk/python/pulumi_vault/aws/secret_backend_role.py
index 1be948123..c7e57c73b 100644
--- a/sdk/python/pulumi_vault/aws/secret_backend_role.py
+++ b/sdk/python/pulumi_vault/aws/secret_backend_role.py
@@ -41,7 +41,7 @@ def __init__(__self__, *,
                and a default TTL is specified on the role,
                then this default TTL will be used. Valid only when `credential_type` is one of
                `assumed_role` or `federation_token`.
-        :param pulumi.Input[str] external_id: External ID to set for assume role creds. 
+        :param pulumi.Input[str] external_id: External ID to set for assume role creds.
                Valid only when `credential_type` is set to `assumed_role`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] iam_groups: A list of IAM group names. IAM users generated
                against this vault role will be added to these IAM Groups. For a credential
@@ -60,7 +60,7 @@ def __init__(__self__, *,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions 
+        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions
                Boundary to attach to IAM users created in the role. Valid only when
                `credential_type` is `iam_user`. If not specified, then no permissions boundary
                policy will be attached.
@@ -82,7 +82,7 @@ def __init__(__self__, *,
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] session_tags: A map of strings representing key/value pairs to be set
                during assume role creds creation. Valid only when `credential_type` is set to
                `assumed_role`.
-        :param pulumi.Input[str] user_path: The path for the user name. Valid only when 
+        :param pulumi.Input[str] user_path: The path for the user name. Valid only when
                `credential_type` is `iam_user`. Default is `/`.
         """
         pulumi.set(__self__, "backend", backend)
@@ -161,7 +161,7 @@ def default_sts_ttl(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter(name="externalId")
     def external_id(self) -> Optional[pulumi.Input[str]]:
         """
-        External ID to set for assume role creds. 
+        External ID to set for assume role creds.
         Valid only when `credential_type` is set to `assumed_role`.
         """
         return pulumi.get(self, "external_id")
@@ -246,7 +246,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="permissionsBoundaryArn")
     def permissions_boundary_arn(self) -> Optional[pulumi.Input[str]]:
         """
-        The ARN of the AWS Permissions 
+        The ARN of the AWS Permissions
         Boundary to attach to IAM users created in the role. Valid only when
         `credential_type` is `iam_user`. If not specified, then no permissions boundary
         policy will be attached.
@@ -323,7 +323,7 @@ def session_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[st
     @pulumi.getter(name="userPath")
     def user_path(self) -> Optional[pulumi.Input[str]]:
         """
-        The path for the user name. Valid only when 
+        The path for the user name. Valid only when
         `credential_type` is `iam_user`. Default is `/`.
         """
         return pulumi.get(self, "user_path")
@@ -363,7 +363,7 @@ def __init__(__self__, *,
                and a default TTL is specified on the role,
                then this default TTL will be used. Valid only when `credential_type` is one of
                `assumed_role` or `federation_token`.
-        :param pulumi.Input[str] external_id: External ID to set for assume role creds. 
+        :param pulumi.Input[str] external_id: External ID to set for assume role creds.
                Valid only when `credential_type` is set to `assumed_role`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] iam_groups: A list of IAM group names. IAM users generated
                against this vault role will be added to these IAM Groups. For a credential
@@ -382,7 +382,7 @@ def __init__(__self__, *,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions 
+        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions
                Boundary to attach to IAM users created in the role. Valid only when
                `credential_type` is `iam_user`. If not specified, then no permissions boundary
                policy will be attached.
@@ -404,7 +404,7 @@ def __init__(__self__, *,
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] session_tags: A map of strings representing key/value pairs to be set
                during assume role creds creation. Valid only when `credential_type` is set to
                `assumed_role`.
-        :param pulumi.Input[str] user_path: The path for the user name. Valid only when 
+        :param pulumi.Input[str] user_path: The path for the user name. Valid only when
                `credential_type` is `iam_user`. Default is `/`.
         """
         if backend is not None:
@@ -485,7 +485,7 @@ def default_sts_ttl(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter(name="externalId")
     def external_id(self) -> Optional[pulumi.Input[str]]:
         """
-        External ID to set for assume role creds. 
+        External ID to set for assume role creds.
         Valid only when `credential_type` is set to `assumed_role`.
         """
         return pulumi.get(self, "external_id")
@@ -570,7 +570,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="permissionsBoundaryArn")
     def permissions_boundary_arn(self) -> Optional[pulumi.Input[str]]:
         """
-        The ARN of the AWS Permissions 
+        The ARN of the AWS Permissions
         Boundary to attach to IAM users created in the role. Valid only when
         `credential_type` is `iam_user`. If not specified, then no permissions boundary
         policy will be attached.
@@ -647,7 +647,7 @@ def session_tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[st
     @pulumi.getter(name="userPath")
     def user_path(self) -> Optional[pulumi.Input[str]]:
         """
-        The path for the user name. Valid only when 
+        The path for the user name. Valid only when
         `credential_type` is `iam_user`. Default is `/`.
         """
         return pulumi.get(self, "user_path")
@@ -725,7 +725,7 @@ def __init__(__self__,
                and a default TTL is specified on the role,
                then this default TTL will be used. Valid only when `credential_type` is one of
                `assumed_role` or `federation_token`.
-        :param pulumi.Input[str] external_id: External ID to set for assume role creds. 
+        :param pulumi.Input[str] external_id: External ID to set for assume role creds.
                Valid only when `credential_type` is set to `assumed_role`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] iam_groups: A list of IAM group names. IAM users generated
                against this vault role will be added to these IAM Groups. For a credential
@@ -744,7 +744,7 @@ def __init__(__self__,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions 
+        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions
                Boundary to attach to IAM users created in the role. Valid only when
                `credential_type` is `iam_user`. If not specified, then no permissions boundary
                policy will be attached.
@@ -766,7 +766,7 @@ def __init__(__self__,
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] session_tags: A map of strings representing key/value pairs to be set
                during assume role creds creation. Valid only when `credential_type` is set to
                `assumed_role`.
-        :param pulumi.Input[str] user_path: The path for the user name. Valid only when 
+        :param pulumi.Input[str] user_path: The path for the user name. Valid only when
                `credential_type` is `iam_user`. Default is `/`.
         """
         ...
@@ -910,7 +910,7 @@ def get(resource_name: str,
                and a default TTL is specified on the role,
                then this default TTL will be used. Valid only when `credential_type` is one of
                `assumed_role` or `federation_token`.
-        :param pulumi.Input[str] external_id: External ID to set for assume role creds. 
+        :param pulumi.Input[str] external_id: External ID to set for assume role creds.
                Valid only when `credential_type` is set to `assumed_role`.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] iam_groups: A list of IAM group names. IAM users generated
                against this vault role will be added to these IAM Groups. For a credential
@@ -929,7 +929,7 @@ def get(resource_name: str,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions 
+        :param pulumi.Input[str] permissions_boundary_arn: The ARN of the AWS Permissions
                Boundary to attach to IAM users created in the role. Valid only when
                `credential_type` is `iam_user`. If not specified, then no permissions boundary
                policy will be attached.
@@ -951,7 +951,7 @@ def get(resource_name: str,
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] session_tags: A map of strings representing key/value pairs to be set
                during assume role creds creation. Valid only when `credential_type` is set to
                `assumed_role`.
-        :param pulumi.Input[str] user_path: The path for the user name. Valid only when 
+        :param pulumi.Input[str] user_path: The path for the user name. Valid only when
                `credential_type` is `iam_user`. Default is `/`.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -1010,7 +1010,7 @@ def default_sts_ttl(self) -> pulumi.Output[int]:
     @pulumi.getter(name="externalId")
     def external_id(self) -> pulumi.Output[Optional[str]]:
         """
-        External ID to set for assume role creds. 
+        External ID to set for assume role creds.
         Valid only when `credential_type` is set to `assumed_role`.
         """
         return pulumi.get(self, "external_id")
@@ -1071,7 +1071,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="permissionsBoundaryArn")
     def permissions_boundary_arn(self) -> pulumi.Output[Optional[str]]:
         """
-        The ARN of the AWS Permissions 
+        The ARN of the AWS Permissions
         Boundary to attach to IAM users created in the role. Valid only when
         `credential_type` is `iam_user`. If not specified, then no permissions boundary
         policy will be attached.
@@ -1128,7 +1128,7 @@ def session_tags(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
     @pulumi.getter(name="userPath")
     def user_path(self) -> pulumi.Output[Optional[str]]:
         """
-        The path for the user name. Valid only when 
+        The path for the user name. Valid only when
         `credential_type` is `iam_user`. Default is `/`.
         """
         return pulumi.get(self, "user_path")
diff --git a/sdk/python/pulumi_vault/azure/backend.py b/sdk/python/pulumi_vault/azure/backend.py
index d8d5dde16..85ff75575 100644
--- a/sdk/python/pulumi_vault/azure/backend.py
+++ b/sdk/python/pulumi_vault/azure/backend.py
@@ -499,7 +499,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### *Vault-1.9 And Above*
+        ### vault-1.9 and above
 
         You can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration:
         ```python
@@ -527,7 +527,7 @@ def __init__(__self__,
             environment="AzurePublicCloud")
         ```
 
-        ### *Vault-1.8 And Below*
+        ### vault-1.8 and below
 
         ```python
         import pulumi
@@ -574,7 +574,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### *Vault-1.9 And Above*
+        ### vault-1.9 and above
 
         You can setup the Azure secrets engine with Workload Identity Federation (WIF) for a secret-less configuration:
         ```python
@@ -602,7 +602,7 @@ def __init__(__self__,
             environment="AzurePublicCloud")
         ```
 
-        ### *Vault-1.8 And Below*
+        ### vault-1.8 and below
 
         ```python
         import pulumi
diff --git a/sdk/python/pulumi_vault/azure/get_access_credentials.py b/sdk/python/pulumi_vault/azure/get_access_credentials.py
index 465d80640..b043eb132 100644
--- a/sdk/python/pulumi_vault/azure/get_access_credentials.py
+++ b/sdk/python/pulumi_vault/azure/get_access_credentials.py
@@ -238,30 +238,27 @@ def get_access_credentials(backend: Optional[str] = None,
            read credentials from, with no leading or trailing `/`s.
     :param str environment: The Azure environment to use during credential validation.
            Defaults to the environment configured in the Vault backend.
-           Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-           *See the caveats section for more information on this field.*
-    :param int max_cred_validation_seconds: If 'validate_creds' is true, 
+           Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
+    :param int max_cred_validation_seconds: If 'validate_creds' is true,
            the number of seconds after which to give up validating credentials. Defaults
            to 300.
     :param str namespace: The namespace of the target resource.
            The value should not contain leading or trailing forward slashes.
            The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
-    :param int num_seconds_between_tests: If 'validate_creds' is true, 
+    :param int num_seconds_between_tests: If 'validate_creds' is true,
            the number of seconds to wait between each test of generated credentials.
            Defaults to 1.
-    :param int num_sequential_successes: If 'validate_creds' is true, 
+    :param int num_sequential_successes: If 'validate_creds' is true,
            the number of sequential successes required to validate generated
            credentials. Defaults to 8.
     :param str role: The name of the Azure secret backend role to read
            credentials from, with no leading or trailing `/`s.
     :param str subscription_id: The subscription ID to use during credential
-           validation. Defaults to the subscription ID configured in the Vault `backend`.
-           *See the caveats section for more information on this field.*
+           validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
     :param str tenant_id: The tenant ID to use during credential validation.
-           Defaults to the tenant ID configured in the Vault `backend`.
-           *See the caveats section for more information on this field.*
-    :param bool validate_creds: Whether generated credentials should be 
+           Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
+    :param bool validate_creds: Whether generated credentials should be
            validated before being returned. Defaults to `false`, which returns
            credentials without checking whether they have fully propagated throughout
            Azure Active Directory. Designating `true` activates testing.
@@ -337,30 +334,27 @@ def get_access_credentials_output(backend: Optional[pulumi.Input[str]] = None,
            read credentials from, with no leading or trailing `/`s.
     :param str environment: The Azure environment to use during credential validation.
            Defaults to the environment configured in the Vault backend.
-           Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`
-           *See the caveats section for more information on this field.*
-    :param int max_cred_validation_seconds: If 'validate_creds' is true, 
+           Some possible values: `AzurePublicCloud`, `AzureGovernmentCloud`*See the caveats section for more information on this field.*
+    :param int max_cred_validation_seconds: If 'validate_creds' is true,
            the number of seconds after which to give up validating credentials. Defaults
            to 300.
     :param str namespace: The namespace of the target resource.
            The value should not contain leading or trailing forward slashes.
            The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
-    :param int num_seconds_between_tests: If 'validate_creds' is true, 
+    :param int num_seconds_between_tests: If 'validate_creds' is true,
            the number of seconds to wait between each test of generated credentials.
            Defaults to 1.
-    :param int num_sequential_successes: If 'validate_creds' is true, 
+    :param int num_sequential_successes: If 'validate_creds' is true,
            the number of sequential successes required to validate generated
            credentials. Defaults to 8.
     :param str role: The name of the Azure secret backend role to read
            credentials from, with no leading or trailing `/`s.
     :param str subscription_id: The subscription ID to use during credential
-           validation. Defaults to the subscription ID configured in the Vault `backend`.
-           *See the caveats section for more information on this field.*
+           validation. Defaults to the subscription ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
     :param str tenant_id: The tenant ID to use during credential validation.
-           Defaults to the tenant ID configured in the Vault `backend`.
-           *See the caveats section for more information on this field.*
-    :param bool validate_creds: Whether generated credentials should be 
+           Defaults to the tenant ID configured in the Vault `backend`.*See the caveats section for more information on this field.*
+    :param bool validate_creds: Whether generated credentials should be
            validated before being returned. Defaults to `false`, which returns
            credentials without checking whether they have fully propagated throughout
            Azure Active Directory. Designating `true` activates testing.
diff --git a/sdk/python/pulumi_vault/consul/secret_backend.py b/sdk/python/pulumi_vault/consul/secret_backend.py
index 683e01b83..8aa488abc 100644
--- a/sdk/python/pulumi_vault/consul/secret_backend.py
+++ b/sdk/python/pulumi_vault/consul/secret_backend.py
@@ -529,7 +529,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### Creating a standard backend resource:
+        #### Creating a standard backend resource:
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -541,7 +541,7 @@ def __init__(__self__,
             token="4240861b-ce3d-8530-115a-521ff070dd29")
         ```
 
-        ### Creating a backend resource to bootstrap a new Consul instance:
+        #### Creating a backend resource to bootstrap a new Consul instance:
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -595,7 +595,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### Creating a standard backend resource:
+        #### Creating a standard backend resource:
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -607,7 +607,7 @@ def __init__(__self__,
             token="4240861b-ce3d-8530-115a-521ff070dd29")
         ```
 
-        ### Creating a backend resource to bootstrap a new Consul instance:
+        #### Creating a backend resource to bootstrap a new Consul instance:
         ```python
         import pulumi
         import pulumi_vault as vault
diff --git a/sdk/python/pulumi_vault/database/secrets_mount.py b/sdk/python/pulumi_vault/database/secrets_mount.py
index fea240e31..57a5c22ad 100644
--- a/sdk/python/pulumi_vault/database/secrets_mount.py
+++ b/sdk/python/pulumi_vault/database/secrets_mount.py
@@ -61,55 +61,37 @@ def __init__(__self__, *,
         :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]] couchbases: A nested block containing configuration options for Couchbase connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]] couchbases: A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
         :param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]] hanas: A nested block containing configuration options for SAP HanaDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]] hanas: A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]] influxdbs: A nested block containing configuration options for InfluxDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]] influxdbs: A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
         :param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
         :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]] mongodbs: A nested block containing configuration options for MongoDB connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]] mssqls: A nested block containing configuration options for MSSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlAuroraArgs']]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]] mysqls: A nested block containing configuration options for MySQL connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]] mongodbs: A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]] mssqls: A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlAuroraArgs']]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]] mysqls: A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
         :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]] oracles: A nested block containing configuration options for Oracle connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]] oracles: A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
         :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]] postgresqls: A nested block containing configuration options for PostgreSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]] redis: A nested block containing configuration options for Redis connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]] redshifts: A nested block containing configuration options for AWS Redshift connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]] postgresqls: A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]] redis: A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]] redshifts: A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
         :param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]] snowflakes: A nested block containing configuration options for Snowflake connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]] snowflakes: A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
         """
         pulumi.set(__self__, "path", path)
         if allowed_managed_keys is not None:
@@ -249,8 +231,7 @@ def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pul
     @pulumi.getter
     def cassandras(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]]]:
         """
-        A nested block containing configuration options for Cassandra connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "cassandras")
 
@@ -262,8 +243,7 @@ def cassandras(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secrets
     @pulumi.getter
     def couchbases(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]]]:
         """
-        A nested block containing configuration options for Couchbase connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "couchbases")
 
@@ -311,8 +291,7 @@ def description(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def elasticsearches(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]]]:
         """
-        A nested block containing configuration options for Elasticsearch connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "elasticsearches")
 
@@ -336,8 +315,7 @@ def external_entropy_access(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter
     def hanas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]]]:
         """
-        A nested block containing configuration options for SAP HanaDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "hanas")
 
@@ -361,8 +339,7 @@ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def influxdbs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]]]:
         """
-        A nested block containing configuration options for InfluxDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "influxdbs")
 
@@ -410,8 +387,7 @@ def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter
     def mongodbatlas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]]]:
         """
-        A nested block containing configuration options for MongoDB Atlas connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mongodbatlas")
 
@@ -423,8 +399,7 @@ def mongodbatlas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secre
     @pulumi.getter
     def mongodbs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]]]:
         """
-        A nested block containing configuration options for MongoDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mongodbs")
 
@@ -436,8 +411,7 @@ def mongodbs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMo
     @pulumi.getter
     def mssqls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]]]:
         """
-        A nested block containing configuration options for MSSQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mssqls")
 
@@ -449,8 +423,7 @@ def mssqls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMoun
     @pulumi.getter(name="mysqlAuroras")
     def mysql_auroras(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlAuroraArgs']]]]:
         """
-        A nested block containing configuration options for Aurora MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_auroras")
 
@@ -462,8 +435,7 @@ def mysql_auroras(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secr
     @pulumi.getter(name="mysqlLegacies")
     def mysql_legacies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]]]:
         """
-        A nested block containing configuration options for legacy MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_legacies")
 
@@ -475,8 +447,7 @@ def mysql_legacies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Sec
     @pulumi.getter(name="mysqlRds")
     def mysql_rds(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]]]:
         """
-        A nested block containing configuration options for RDS MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_rds")
 
@@ -488,8 +459,7 @@ def mysql_rds(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsM
     @pulumi.getter
     def mysqls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]]]:
         """
-        A nested block containing configuration options for MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysqls")
 
@@ -525,8 +495,7 @@ def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
     @pulumi.getter
     def oracles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]]]:
         """
-        A nested block containing configuration options for Oracle connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "oracles")
 
@@ -562,8 +531,7 @@ def plugin_version(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def postgresqls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]]]:
         """
-        A nested block containing configuration options for PostgreSQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "postgresqls")
 
@@ -575,8 +543,7 @@ def postgresqls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secret
     @pulumi.getter
     def redis(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]]]:
         """
-        A nested block containing configuration options for Redis connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redis")
 
@@ -588,8 +555,7 @@ def redis(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMount
     @pulumi.getter(name="redisElasticaches")
     def redis_elasticaches(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]]]:
         """
-        A nested block containing configuration options for Redis ElastiCache connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redis_elasticaches")
 
@@ -601,8 +567,7 @@ def redis_elasticaches(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
     @pulumi.getter
     def redshifts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]]]:
         """
-        A nested block containing configuration options for AWS Redshift connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redshifts")
 
@@ -626,8 +591,7 @@ def seal_wrap(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter
     def snowflakes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]]]:
         """
-        A nested block containing configuration options for Snowflake connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "snowflakes")
 
@@ -686,57 +650,39 @@ def __init__(__self__, *,
         :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]] couchbases: A nested block containing configuration options for Couchbase connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]] couchbases: A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
         :param pulumi.Input[int] engine_count: The total number of database secrets engines configured.
         :param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]] hanas: A nested block containing configuration options for SAP HanaDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]] hanas: A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]] influxdbs: A nested block containing configuration options for InfluxDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]] influxdbs: A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
         :param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
         :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]] mongodbs: A nested block containing configuration options for MongoDB connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]] mssqls: A nested block containing configuration options for MSSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlAuroraArgs']]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]] mysqls: A nested block containing configuration options for MySQL connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]] mongodbs: A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]] mssqls: A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlAuroraArgs']]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]] mysqls: A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
         :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]] oracles: A nested block containing configuration options for Oracle connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]] oracles: A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
         :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] path: Where the secret backend will be mounted
         :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]] postgresqls: A nested block containing configuration options for PostgreSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]] redis: A nested block containing configuration options for Redis connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]] redshifts: A nested block containing configuration options for AWS Redshift connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]] postgresqls: A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]] redis: A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]] redshifts: A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
         :param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
-        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]] snowflakes: A nested block containing configuration options for Snowflake connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]] snowflakes: A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
         """
         if accessor is not None:
             pulumi.set(__self__, "accessor", accessor)
@@ -881,8 +827,7 @@ def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pul
     @pulumi.getter
     def cassandras(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]]]:
         """
-        A nested block containing configuration options for Cassandra connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "cassandras")
 
@@ -894,8 +839,7 @@ def cassandras(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secrets
     @pulumi.getter
     def couchbases(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountCouchbaseArgs']]]]:
         """
-        A nested block containing configuration options for Couchbase connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "couchbases")
 
@@ -943,8 +887,7 @@ def description(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def elasticsearches(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountElasticsearchArgs']]]]:
         """
-        A nested block containing configuration options for Elasticsearch connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "elasticsearches")
 
@@ -980,8 +923,7 @@ def external_entropy_access(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter
     def hanas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountHanaArgs']]]]:
         """
-        A nested block containing configuration options for SAP HanaDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "hanas")
 
@@ -1005,8 +947,7 @@ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def influxdbs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountInfluxdbArgs']]]]:
         """
-        A nested block containing configuration options for InfluxDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "influxdbs")
 
@@ -1054,8 +995,7 @@ def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter
     def mongodbatlas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbatlaArgs']]]]:
         """
-        A nested block containing configuration options for MongoDB Atlas connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mongodbatlas")
 
@@ -1067,8 +1007,7 @@ def mongodbatlas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secre
     @pulumi.getter
     def mongodbs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMongodbArgs']]]]:
         """
-        A nested block containing configuration options for MongoDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mongodbs")
 
@@ -1080,8 +1019,7 @@ def mongodbs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMo
     @pulumi.getter
     def mssqls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMssqlArgs']]]]:
         """
-        A nested block containing configuration options for MSSQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mssqls")
 
@@ -1093,8 +1031,7 @@ def mssqls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMoun
     @pulumi.getter(name="mysqlAuroras")
     def mysql_auroras(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlAuroraArgs']]]]:
         """
-        A nested block containing configuration options for Aurora MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_auroras")
 
@@ -1106,8 +1043,7 @@ def mysql_auroras(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secr
     @pulumi.getter(name="mysqlLegacies")
     def mysql_legacies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlLegacyArgs']]]]:
         """
-        A nested block containing configuration options for legacy MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_legacies")
 
@@ -1119,8 +1055,7 @@ def mysql_legacies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Sec
     @pulumi.getter(name="mysqlRds")
     def mysql_rds(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlRdArgs']]]]:
         """
-        A nested block containing configuration options for RDS MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_rds")
 
@@ -1132,8 +1067,7 @@ def mysql_rds(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsM
     @pulumi.getter
     def mysqls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountMysqlArgs']]]]:
         """
-        A nested block containing configuration options for MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysqls")
 
@@ -1169,8 +1103,7 @@ def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
     @pulumi.getter
     def oracles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountOracleArgs']]]]:
         """
-        A nested block containing configuration options for Oracle connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "oracles")
 
@@ -1218,8 +1151,7 @@ def plugin_version(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def postgresqls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountPostgresqlArgs']]]]:
         """
-        A nested block containing configuration options for PostgreSQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "postgresqls")
 
@@ -1231,8 +1163,7 @@ def postgresqls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Secret
     @pulumi.getter
     def redis(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRediArgs']]]]:
         """
-        A nested block containing configuration options for Redis connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redis")
 
@@ -1244,8 +1175,7 @@ def redis(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMount
     @pulumi.getter(name="redisElasticaches")
     def redis_elasticaches(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedisElasticachArgs']]]]:
         """
-        A nested block containing configuration options for Redis ElastiCache connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redis_elasticaches")
 
@@ -1257,8 +1187,7 @@ def redis_elasticaches(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
     @pulumi.getter
     def redshifts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountRedshiftArgs']]]]:
         """
-        A nested block containing configuration options for AWS Redshift connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redshifts")
 
@@ -1282,8 +1211,7 @@ def seal_wrap(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter
     def snowflakes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretsMountSnowflakeArgs']]]]:
         """
-        A nested block containing configuration options for Snowflake connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "snowflakes")
 
@@ -1393,56 +1321,38 @@ def __init__(__self__,
         :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]] cassandras: A nested block containing configuration options for Cassandra connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]] couchbases: A nested block containing configuration options for Couchbase connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]] cassandras: A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]] couchbases: A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
         :param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]] hanas: A nested block containing configuration options for SAP HanaDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]] hanas: A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]] influxdbs: A nested block containing configuration options for InfluxDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]] influxdbs: A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
         :param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
         :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]] mongodbs: A nested block containing configuration options for MongoDB connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMssqlArgs', 'SecretsMountMssqlArgsDict']]]] mssqls: A nested block containing configuration options for MSSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlAuroraArgs', 'SecretsMountMysqlAuroraArgsDict']]]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlLegacyArgs', 'SecretsMountMysqlLegacyArgsDict']]]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlRdArgs', 'SecretsMountMysqlRdArgsDict']]]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]] mysqls: A nested block containing configuration options for MySQL connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]] mongodbs: A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMssqlArgs', 'SecretsMountMssqlArgsDict']]]] mssqls: A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlAuroraArgs', 'SecretsMountMysqlAuroraArgsDict']]]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlLegacyArgs', 'SecretsMountMysqlLegacyArgsDict']]]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlRdArgs', 'SecretsMountMysqlRdArgsDict']]]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]] mysqls: A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
         :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]] oracles: A nested block containing configuration options for Oracle connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]] oracles: A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
         :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] path: Where the secret backend will be mounted
         :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]] postgresqls: A nested block containing configuration options for PostgreSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]] redis: A nested block containing configuration options for Redis connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedisElasticachArgs', 'SecretsMountRedisElasticachArgsDict']]]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]] redshifts: A nested block containing configuration options for AWS Redshift connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]] postgresqls: A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]] redis: A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedisElasticachArgs', 'SecretsMountRedisElasticachArgsDict']]]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]] redshifts: A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
         :param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]] snowflakes: A nested block containing configuration options for Snowflake connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]] snowflakes: A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
         """
         ...
     @overload
@@ -1663,57 +1573,39 @@ def get(resource_name: str,
         :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]] cassandras: A nested block containing configuration options for Cassandra connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]] couchbases: A nested block containing configuration options for Couchbase connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCassandraArgs', 'SecretsMountCassandraArgsDict']]]] cassandras: A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountCouchbaseArgs', 'SecretsMountCouchbaseArgsDict']]]] couchbases: A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountElasticsearchArgs', 'SecretsMountElasticsearchArgsDict']]]] elasticsearches: A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
         :param pulumi.Input[int] engine_count: The total number of database secrets engines configured.
         :param pulumi.Input[bool] external_entropy_access: Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]] hanas: A nested block containing configuration options for SAP HanaDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountHanaArgs', 'SecretsMountHanaArgsDict']]]] hanas: A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]] influxdbs: A nested block containing configuration options for InfluxDB connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountInfluxdbArgs', 'SecretsMountInfluxdbArgsDict']]]] influxdbs: A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
         :param pulumi.Input[bool] local: Boolean flag that can be explicitly set to true to enforce local mount in HA environment
         :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]] mongodbs: A nested block containing configuration options for MongoDB connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMssqlArgs', 'SecretsMountMssqlArgsDict']]]] mssqls: A nested block containing configuration options for MSSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlAuroraArgs', 'SecretsMountMysqlAuroraArgsDict']]]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlLegacyArgs', 'SecretsMountMysqlLegacyArgsDict']]]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlRdArgs', 'SecretsMountMysqlRdArgsDict']]]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]] mysqls: A nested block containing configuration options for MySQL connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbatlaArgs', 'SecretsMountMongodbatlaArgsDict']]]] mongodbatlas: A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMongodbArgs', 'SecretsMountMongodbArgsDict']]]] mongodbs: A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMssqlArgs', 'SecretsMountMssqlArgsDict']]]] mssqls: A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlAuroraArgs', 'SecretsMountMysqlAuroraArgsDict']]]] mysql_auroras: A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlLegacyArgs', 'SecretsMountMysqlLegacyArgsDict']]]] mysql_legacies: A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlRdArgs', 'SecretsMountMysqlRdArgsDict']]]] mysql_rds: A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountMysqlArgs', 'SecretsMountMysqlArgsDict']]]] mysqls: A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
         :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]] oracles: A nested block containing configuration options for Oracle connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountOracleArgs', 'SecretsMountOracleArgsDict']]]] oracles: A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
         :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] path: Where the secret backend will be mounted
         :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]] postgresqls: A nested block containing configuration options for PostgreSQL connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]] redis: A nested block containing configuration options for Redis connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedisElasticachArgs', 'SecretsMountRedisElasticachArgsDict']]]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.  
-               *See Configuration Options for more info*
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]] redshifts: A nested block containing configuration options for AWS Redshift connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountPostgresqlArgs', 'SecretsMountPostgresqlArgsDict']]]] postgresqls: A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRediArgs', 'SecretsMountRediArgsDict']]]] redis: A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedisElasticachArgs', 'SecretsMountRedisElasticachArgsDict']]]] redis_elasticaches: A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountRedshiftArgs', 'SecretsMountRedshiftArgsDict']]]] redshifts: A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
         :param pulumi.Input[bool] seal_wrap: Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]] snowflakes: A nested block containing configuration options for Snowflake connections.  
-               *See Configuration Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretsMountSnowflakeArgs', 'SecretsMountSnowflakeArgsDict']]]] snowflakes: A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -1805,8 +1697,7 @@ def audit_non_hmac_response_keys(self) -> pulumi.Output[Sequence[str]]:
     @pulumi.getter
     def cassandras(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountCassandra']]]:
         """
-        A nested block containing configuration options for Cassandra connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Cassandra connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "cassandras")
 
@@ -1814,8 +1705,7 @@ def cassandras(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountCas
     @pulumi.getter
     def couchbases(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountCouchbase']]]:
         """
-        A nested block containing configuration options for Couchbase connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Couchbase connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "couchbases")
 
@@ -1847,8 +1737,7 @@ def description(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter
     def elasticsearches(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountElasticsearch']]]:
         """
-        A nested block containing configuration options for Elasticsearch connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Elasticsearch connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "elasticsearches")
 
@@ -1872,8 +1761,7 @@ def external_entropy_access(self) -> pulumi.Output[Optional[bool]]:
     @pulumi.getter
     def hanas(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountHana']]]:
         """
-        A nested block containing configuration options for SAP HanaDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for SAP HanaDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "hanas")
 
@@ -1889,8 +1777,7 @@ def identity_token_key(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter
     def influxdbs(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountInfluxdb']]]:
         """
-        A nested block containing configuration options for InfluxDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for InfluxDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "influxdbs")
 
@@ -1922,8 +1809,7 @@ def max_lease_ttl_seconds(self) -> pulumi.Output[int]:
     @pulumi.getter
     def mongodbatlas(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMongodbatla']]]:
         """
-        A nested block containing configuration options for MongoDB Atlas connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MongoDB Atlas connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mongodbatlas")
 
@@ -1931,8 +1817,7 @@ def mongodbatlas(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountM
     @pulumi.getter
     def mongodbs(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMongodb']]]:
         """
-        A nested block containing configuration options for MongoDB connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MongoDB connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mongodbs")
 
@@ -1940,8 +1825,7 @@ def mongodbs(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMongo
     @pulumi.getter
     def mssqls(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMssql']]]:
         """
-        A nested block containing configuration options for MSSQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MSSQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mssqls")
 
@@ -1949,8 +1833,7 @@ def mssqls(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMssql']
     @pulumi.getter(name="mysqlAuroras")
     def mysql_auroras(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMysqlAurora']]]:
         """
-        A nested block containing configuration options for Aurora MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Aurora MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_auroras")
 
@@ -1958,8 +1841,7 @@ def mysql_auroras(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMount
     @pulumi.getter(name="mysqlLegacies")
     def mysql_legacies(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMysqlLegacy']]]:
         """
-        A nested block containing configuration options for legacy MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for legacy MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_legacies")
 
@@ -1967,8 +1849,7 @@ def mysql_legacies(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMoun
     @pulumi.getter(name="mysqlRds")
     def mysql_rds(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMysqlRd']]]:
         """
-        A nested block containing configuration options for RDS MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for RDS MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysql_rds")
 
@@ -1976,8 +1857,7 @@ def mysql_rds(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMysq
     @pulumi.getter
     def mysqls(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountMysql']]]:
         """
-        A nested block containing configuration options for MySQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for MySQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "mysqls")
 
@@ -2001,8 +1881,7 @@ def options(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
     @pulumi.getter
     def oracles(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountOracle']]]:
         """
-        A nested block containing configuration options for Oracle connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Oracle connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "oracles")
 
@@ -2034,8 +1913,7 @@ def plugin_version(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter
     def postgresqls(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountPostgresql']]]:
         """
-        A nested block containing configuration options for PostgreSQL connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for PostgreSQL connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "postgresqls")
 
@@ -2043,8 +1921,7 @@ def postgresqls(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountPo
     @pulumi.getter
     def redis(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountRedi']]]:
         """
-        A nested block containing configuration options for Redis connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Redis connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redis")
 
@@ -2052,8 +1929,7 @@ def redis(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountRedi']]]
     @pulumi.getter(name="redisElasticaches")
     def redis_elasticaches(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountRedisElasticach']]]:
         """
-        A nested block containing configuration options for Redis ElastiCache connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Redis ElastiCache connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redis_elasticaches")
 
@@ -2061,8 +1937,7 @@ def redis_elasticaches(self) -> pulumi.Output[Optional[Sequence['outputs.Secrets
     @pulumi.getter
     def redshifts(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountRedshift']]]:
         """
-        A nested block containing configuration options for AWS Redshift connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for AWS Redshift connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "redshifts")
 
@@ -2078,8 +1953,7 @@ def seal_wrap(self) -> pulumi.Output[bool]:
     @pulumi.getter
     def snowflakes(self) -> pulumi.Output[Optional[Sequence['outputs.SecretsMountSnowflake']]]:
         """
-        A nested block containing configuration options for Snowflake connections.  
-        *See Configuration Options for more info*
+        A nested block containing configuration options for Snowflake connections.*See Configuration Options for more info*
         """
         return pulumi.get(self, "snowflakes")
 
diff --git a/sdk/python/pulumi_vault/gcp/_inputs.py b/sdk/python/pulumi_vault/gcp/_inputs.py
index a967ad5a8..914414589 100644
--- a/sdk/python/pulumi_vault/gcp/_inputs.py
+++ b/sdk/python/pulumi_vault/gcp/_inputs.py
@@ -124,7 +124,6 @@ def __init__(__self__, *,
         :param pulumi.Input[str] token_type: Specifies the type of tokens that should be returned by
                the mount. Valid values are "default-service", "default-batch", "service", "batch".
                
-               
                For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
         """
         if allowed_response_headers is not None:
@@ -244,7 +243,6 @@ def token_type(self) -> Optional[pulumi.Input[str]]:
         Specifies the type of tokens that should be returned by
         the mount. Valid values are "default-service", "default-batch", "service", "batch".
 
-
         For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
         """
         return pulumi.get(self, "token_type")
diff --git a/sdk/python/pulumi_vault/gcp/outputs.py b/sdk/python/pulumi_vault/gcp/outputs.py
index e3e4bf621..5decf9e06 100644
--- a/sdk/python/pulumi_vault/gcp/outputs.py
+++ b/sdk/python/pulumi_vault/gcp/outputs.py
@@ -139,7 +139,6 @@ def __init__(__self__, *,
         :param str token_type: Specifies the type of tokens that should be returned by
                the mount. Valid values are "default-service", "default-batch", "service", "batch".
                
-               
                For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
         """
         if allowed_response_headers is not None:
@@ -231,7 +230,6 @@ def token_type(self) -> Optional[str]:
         Specifies the type of tokens that should be returned by
         the mount. Valid values are "default-service", "default-batch", "service", "batch".
 
-
         For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
         """
         return pulumi.get(self, "token_type")
diff --git a/sdk/python/pulumi_vault/get_nomad_access_token.py b/sdk/python/pulumi_vault/get_nomad_access_token.py
index 430677027..6408c5d4c 100644
--- a/sdk/python/pulumi_vault/get_nomad_access_token.py
+++ b/sdk/python/pulumi_vault/get_nomad_access_token.py
@@ -45,7 +45,7 @@ def __init__(__self__, accessor_id=None, backend=None, id=None, namespace=None,
     @pulumi.getter(name="accessorId")
     def accessor_id(self) -> str:
         """
-        The public identifier for a specific token. It can be used 
+        The public identifier for a specific token. It can be used
         to look up information about a token or to revoke a token.
         """
         return pulumi.get(self, "accessor_id")
diff --git a/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py b/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py
index 50954b459..386002bbc 100644
--- a/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py
+++ b/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py
@@ -96,7 +96,7 @@ def id(self) -> str:
     @pulumi.getter(name="idTokenSigningAlgValuesSupporteds")
     def id_token_signing_alg_values_supporteds(self) -> Sequence[str]:
         """
-        The signing algorithms supported by 
+        The signing algorithms supported by
         the provider.
         """
         return pulumi.get(self, "id_token_signing_alg_values_supporteds")
@@ -131,7 +131,7 @@ def namespace(self) -> Optional[str]:
     @pulumi.getter(name="requestUriParameterSupported")
     def request_uri_parameter_supported(self) -> bool:
         """
-        Specifies whether Request URI Parameter is 
+        Specifies whether Request URI Parameter is
         supported by the provider.
         """
         return pulumi.get(self, "request_uri_parameter_supported")
diff --git a/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py b/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py
index 882413859..c55738e4e 100644
--- a/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py
+++ b/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py
@@ -47,7 +47,7 @@ def id(self) -> str:
     @pulumi.getter
     def keys(self) -> Sequence[Mapping[str, str]]:
         """
-        The public portion of keys for an OIDC provider. 
+        The public portion of keys for an OIDC provider.
         Clients can use them to validate the authenticity of an identity token.
         """
         return pulumi.get(self, "keys")
diff --git a/sdk/python/pulumi_vault/identity/group_member_group_ids.py b/sdk/python/pulumi_vault/identity/group_member_group_ids.py
index 38a7a719b..0244f5072 100644
--- a/sdk/python/pulumi_vault/identity/group_member_group_ids.py
+++ b/sdk/python/pulumi_vault/identity/group_member_group_ids.py
@@ -205,6 +205,15 @@ def __init__(__self__,
                  namespace: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
+        layout: "vault"
+        page_title: "Vault: identity.GroupMemberGroupIds resource"
+        sidebar_current: "docs-vault-resource-identity-group-member-group-ids"
+        description: |-
+        Manages member groups for an Identity Group for Vault.
+        
+
+        # vault\\_identity\\_group\\_member\\_group\\_ids
+
         Manages member groups for an Identity Group for Vault. The
         [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)
         is the identity management solution for Vault.
@@ -283,6 +292,15 @@ def __init__(__self__,
                  args: GroupMemberGroupIdsArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        layout: "vault"
+        page_title: "Vault: identity.GroupMemberGroupIds resource"
+        sidebar_current: "docs-vault-resource-identity-group-member-group-ids"
+        description: |-
+        Manages member groups for an Identity Group for Vault.
+        
+
+        # vault\\_identity\\_group\\_member\\_group\\_ids
+
         Manages member groups for an Identity Group for Vault. The
         [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)
         is the identity management solution for Vault.
diff --git a/sdk/python/pulumi_vault/identity/oidc_client.py b/sdk/python/pulumi_vault/identity/oidc_client.py
index c34f04de5..3b2eb9eeb 100644
--- a/sdk/python/pulumi_vault/identity/oidc_client.py
+++ b/sdk/python/pulumi_vault/identity/oidc_client.py
@@ -28,7 +28,7 @@ def __init__(__self__, *,
         :param pulumi.Input[Sequence[pulumi.Input[str]]] assignments: A list of assignment resources associated with the client.
         :param pulumi.Input[str] client_type: The client type based on its ability to maintain confidentiality of credentials.
                The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
-        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client. 
+        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client.
                The value should be less than the `verification_ttl` on the key.
         :param pulumi.Input[str] key: A reference to a named key resource in Vault.
                This cannot be modified after creation. If not provided, the `default`
@@ -38,7 +38,7 @@ def __init__(__self__, *,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client.
                One of these values must exactly match the `redirect_uri` parameter value
                used in each authentication request.
         """
@@ -100,7 +100,7 @@ def client_type(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="idTokenTtl")
     def id_token_ttl(self) -> Optional[pulumi.Input[int]]:
         """
-        The time-to-live for ID tokens obtained by the client. 
+        The time-to-live for ID tokens obtained by the client.
         The value should be less than the `verification_ttl` on the key.
         """
         return pulumi.get(self, "id_token_ttl")
@@ -154,7 +154,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="redirectUris")
     def redirect_uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Redirection URI values used by the client. 
+        Redirection URI values used by the client.
         One of these values must exactly match the `redirect_uri` parameter value
         used in each authentication request.
         """
@@ -187,7 +187,7 @@ def __init__(__self__, *,
                For public OpenID Clients `client_secret` is set to an empty string `""`
         :param pulumi.Input[str] client_type: The client type based on its ability to maintain confidentiality of credentials.
                The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
-        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client. 
+        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client.
                The value should be less than the `verification_ttl` on the key.
         :param pulumi.Input[str] key: A reference to a named key resource in Vault.
                This cannot be modified after creation. If not provided, the `default`
@@ -197,7 +197,7 @@ def __init__(__self__, *,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client.
                One of these values must exactly match the `redirect_uri` parameter value
                used in each authentication request.
         """
@@ -288,7 +288,7 @@ def client_type(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="idTokenTtl")
     def id_token_ttl(self) -> Optional[pulumi.Input[int]]:
         """
-        The time-to-live for ID tokens obtained by the client. 
+        The time-to-live for ID tokens obtained by the client.
         The value should be less than the `verification_ttl` on the key.
         """
         return pulumi.get(self, "id_token_ttl")
@@ -342,7 +342,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="redirectUris")
     def redirect_uris(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        Redirection URI values used by the client. 
+        Redirection URI values used by the client.
         One of these values must exactly match the `redirect_uri` parameter value
         used in each authentication request.
         """
@@ -407,7 +407,7 @@ def __init__(__self__,
         :param pulumi.Input[Sequence[pulumi.Input[str]]] assignments: A list of assignment resources associated with the client.
         :param pulumi.Input[str] client_type: The client type based on its ability to maintain confidentiality of credentials.
                The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
-        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client. 
+        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client.
                The value should be less than the `verification_ttl` on the key.
         :param pulumi.Input[str] key: A reference to a named key resource in Vault.
                This cannot be modified after creation. If not provided, the `default`
@@ -417,7 +417,7 @@ def __init__(__self__,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client.
                One of these values must exactly match the `redirect_uri` parameter value
                used in each authentication request.
         """
@@ -539,7 +539,7 @@ def get(resource_name: str,
                For public OpenID Clients `client_secret` is set to an empty string `""`
         :param pulumi.Input[str] client_type: The client type based on its ability to maintain confidentiality of credentials.
                The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
-        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client. 
+        :param pulumi.Input[int] id_token_ttl: The time-to-live for ID tokens obtained by the client.
                The value should be less than the `verification_ttl` on the key.
         :param pulumi.Input[str] key: A reference to a named key resource in Vault.
                This cannot be modified after creation. If not provided, the `default`
@@ -549,7 +549,7 @@ def get(resource_name: str,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] redirect_uris: Redirection URI values used by the client.
                One of these values must exactly match the `redirect_uri` parameter value
                used in each authentication request.
         """
@@ -615,7 +615,7 @@ def client_type(self) -> pulumi.Output[str]:
     @pulumi.getter(name="idTokenTtl")
     def id_token_ttl(self) -> pulumi.Output[int]:
         """
-        The time-to-live for ID tokens obtained by the client. 
+        The time-to-live for ID tokens obtained by the client.
         The value should be less than the `verification_ttl` on the key.
         """
         return pulumi.get(self, "id_token_ttl")
@@ -653,7 +653,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="redirectUris")
     def redirect_uris(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        Redirection URI values used by the client. 
+        Redirection URI values used by the client.
         One of these values must exactly match the `redirect_uri` parameter value
         used in each authentication request.
         """
diff --git a/sdk/python/pulumi_vault/identity/oidc_provider.py b/sdk/python/pulumi_vault/identity/oidc_provider.py
index 943521fcb..b8a560d69 100644
--- a/sdk/python/pulumi_vault/identity/oidc_provider.py
+++ b/sdk/python/pulumi_vault/identity/oidc_provider.py
@@ -22,7 +22,7 @@ def __init__(__self__, *,
                  scopes_supporteds: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
         """
         The set of arguments for constructing a OidcProvider resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider.
                If empty, no clients are allowed. If `*`, all clients are allowed.
         :param pulumi.Input[bool] https_enabled: Set to true if the issuer endpoint uses HTTPS.
         :param pulumi.Input[str] issuer_host: The host for the issuer. Can be either host or host:port.
@@ -50,7 +50,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="allowedClientIds")
     def allowed_client_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The client IDs that are permitted to use the provider. 
+        The client IDs that are permitted to use the provider.
         If empty, no clients are allowed. If `*`, all clients are allowed.
         """
         return pulumi.get(self, "allowed_client_ids")
@@ -135,7 +135,7 @@ def __init__(__self__, *,
                  scopes_supporteds: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
         """
         Input properties used for looking up and filtering OidcProvider resources.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider.
                If empty, no clients are allowed. If `*`, all clients are allowed.
         :param pulumi.Input[bool] https_enabled: Set to true if the issuer endpoint uses HTTPS.
         :param pulumi.Input[str] issuer: Specifies what will be used as the `scheme://host:port`
@@ -168,7 +168,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="allowedClientIds")
     def allowed_client_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The client IDs that are permitted to use the provider. 
+        The client IDs that are permitted to use the provider.
         If empty, no clients are allowed. If `*`, all clients are allowed.
         """
         return pulumi.get(self, "allowed_client_ids")
@@ -322,7 +322,7 @@ def __init__(__self__,
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider.
                If empty, no clients are allowed. If `*`, all clients are allowed.
         :param pulumi.Input[bool] https_enabled: Set to true if the issuer endpoint uses HTTPS.
         :param pulumi.Input[str] issuer_host: The host for the issuer. Can be either host or host:port.
@@ -453,7 +453,7 @@ def get(resource_name: str,
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider. 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: The client IDs that are permitted to use the provider.
                If empty, no clients are allowed. If `*`, all clients are allowed.
         :param pulumi.Input[bool] https_enabled: Set to true if the issuer endpoint uses HTTPS.
         :param pulumi.Input[str] issuer: Specifies what will be used as the `scheme://host:port`
@@ -484,7 +484,7 @@ def get(resource_name: str,
     @pulumi.getter(name="allowedClientIds")
     def allowed_client_ids(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        The client IDs that are permitted to use the provider. 
+        The client IDs that are permitted to use the provider.
         If empty, no clients are allowed. If `*`, all clients are allowed.
         """
         return pulumi.get(self, "allowed_client_ids")
diff --git a/sdk/python/pulumi_vault/jwt/auth_backend_role.py b/sdk/python/pulumi_vault/jwt/auth_backend_role.py
index 60efef198..146719391 100644
--- a/sdk/python/pulumi_vault/jwt/auth_backend_role.py
+++ b/sdk/python/pulumi_vault/jwt/auth_backend_role.py
@@ -76,7 +76,7 @@ def __init__(__self__, *,
                the set of groups to which the user belongs; this will be used as the names
                for the Identity group aliases created due to a successful login. The claim
                value must be a list of strings.
-        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time 
+        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time
                the user was actively authenticated with the OIDC provider.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -340,7 +340,7 @@ def groups_claim(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="maxAge")
     def max_age(self) -> Optional[pulumi.Input[int]]:
         """
-        Specifies the allowable elapsed time in seconds since the last time 
+        Specifies the allowable elapsed time in seconds since the last time
         the user was actively authenticated with the OIDC provider.
         """
         return pulumi.get(self, "max_age")
@@ -602,7 +602,7 @@ def __init__(__self__, *,
                the set of groups to which the user belongs; this will be used as the names
                for the Identity group aliases created due to a successful login. The claim
                value must be a list of strings.
-        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time 
+        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time
                the user was actively authenticated with the OIDC provider.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -846,7 +846,7 @@ def groups_claim(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="maxAge")
     def max_age(self) -> Optional[pulumi.Input[int]]:
         """
-        Specifies the allowable elapsed time in seconds since the last time 
+        Specifies the allowable elapsed time in seconds since the last time
         the user was actively authenticated with the OIDC provider.
         """
         return pulumi.get(self, "max_age")
@@ -1197,7 +1197,7 @@ def __init__(__self__,
                the set of groups to which the user belongs; this will be used as the names
                for the Identity group aliases created due to a successful login. The claim
                value must be a list of strings.
-        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time 
+        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time
                the user was actively authenticated with the OIDC provider.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -1455,7 +1455,7 @@ def get(resource_name: str,
                the set of groups to which the user belongs; this will be used as the names
                for the Identity group aliases created due to a successful login. The claim
                value must be a list of strings.
-        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time 
+        :param pulumi.Input[int] max_age: Specifies the allowable elapsed time in seconds since the last time
                the user was actively authenticated with the OIDC provider.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -1631,7 +1631,7 @@ def groups_claim(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="maxAge")
     def max_age(self) -> pulumi.Output[Optional[int]]:
         """
-        Specifies the allowable elapsed time in seconds since the last time 
+        Specifies the allowable elapsed time in seconds since the last time
         the user was actively authenticated with the OIDC provider.
         """
         return pulumi.get(self, "max_age")
diff --git a/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py b/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py
index 466742fee..0eb3ca58a 100644
--- a/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py
+++ b/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py
@@ -215,19 +215,19 @@ def get_service_account_token(backend: Optional[str] = None,
     ```
 
 
-    :param str backend: The Kubernetes secret backend to generate service account 
+    :param str backend: The Kubernetes secret backend to generate service account
            tokens from.
-    :param bool cluster_role_binding: If true, generate a ClusterRoleBinding to grant 
+    :param bool cluster_role_binding: If true, generate a ClusterRoleBinding to grant
            permissions across the whole cluster instead of within a namespace.
-    :param str kubernetes_namespace: The name of the Kubernetes namespace in which to 
+    :param str kubernetes_namespace: The name of the Kubernetes namespace in which to
            generate the credentials.
     :param str namespace: The namespace of the target resource.
            The value should not contain leading or trailing forward slashes.
            The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
-    :param str role: The name of the Kubernetes secret backend role to generate service 
+    :param str role: The name of the Kubernetes secret backend role to generate service
            account tokens from.
-    :param str ttl: The TTL of the generated Kubernetes service account token, specified in 
+    :param str ttl: The TTL of the generated Kubernetes service account token, specified in
            seconds or as a Go duration format string.
     """
     __args__ = dict()
@@ -302,19 +302,19 @@ def get_service_account_token_output(backend: Optional[pulumi.Input[str]] = None
     ```
 
 
-    :param str backend: The Kubernetes secret backend to generate service account 
+    :param str backend: The Kubernetes secret backend to generate service account
            tokens from.
-    :param bool cluster_role_binding: If true, generate a ClusterRoleBinding to grant 
+    :param bool cluster_role_binding: If true, generate a ClusterRoleBinding to grant
            permissions across the whole cluster instead of within a namespace.
-    :param str kubernetes_namespace: The name of the Kubernetes namespace in which to 
+    :param str kubernetes_namespace: The name of the Kubernetes namespace in which to
            generate the credentials.
     :param str namespace: The namespace of the target resource.
            The value should not contain leading or trailing forward slashes.
            The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
-    :param str role: The name of the Kubernetes secret backend role to generate service 
+    :param str role: The name of the Kubernetes secret backend role to generate service
            account tokens from.
-    :param str ttl: The TTL of the generated Kubernetes service account token, specified in 
+    :param str ttl: The TTL of the generated Kubernetes service account token, specified in
            seconds or as a Go duration format string.
     """
     ...
diff --git a/sdk/python/pulumi_vault/kubernetes/secret_backend.py b/sdk/python/pulumi_vault/kubernetes/secret_backend.py
index d20705a03..7c7220e87 100644
--- a/sdk/python/pulumi_vault/kubernetes/secret_backend.py
+++ b/sdk/python/pulumi_vault/kubernetes/secret_backend.py
@@ -46,15 +46,15 @@ def __init__(__self__, *,
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and 
+        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the 
+        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
                pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
                Vault is running.
-        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the 
+        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the
                standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
                are not set on the host that Vault is running on.
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
@@ -216,7 +216,7 @@ def description(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="disableLocalCaJwt")
     def disable_local_ca_jwt(self) -> Optional[pulumi.Input[bool]]:
         """
-        Disable defaulting to the local CA certificate and 
+        Disable defaulting to the local CA certificate and
         service account JWT when Vault is running in a Kubernetes pod.
         """
         return pulumi.get(self, "disable_local_ca_jwt")
@@ -253,7 +253,7 @@ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesCaCert")
     def kubernetes_ca_cert(self) -> Optional[pulumi.Input[str]]:
         """
-        A PEM-encoded CA certificate used by the 
+        A PEM-encoded CA certificate used by the
         secrets engine to verify the Kubernetes API server certificate. Defaults to the local
         pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
         Vault is running.
@@ -268,7 +268,7 @@ def kubernetes_ca_cert(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesHost")
     def kubernetes_host(self) -> Optional[pulumi.Input[str]]:
         """
-        The Kubernetes API URL to connect to. Required if the 
+        The Kubernetes API URL to connect to. Required if the
         standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
         are not set on the host that Vault is running on.
         """
@@ -428,15 +428,15 @@ def __init__(__self__, *,
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and 
+        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the 
+        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
                pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
                Vault is running.
-        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the 
+        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the
                standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
                are not set on the host that Vault is running on.
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
@@ -602,7 +602,7 @@ def description(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="disableLocalCaJwt")
     def disable_local_ca_jwt(self) -> Optional[pulumi.Input[bool]]:
         """
-        Disable defaulting to the local CA certificate and 
+        Disable defaulting to the local CA certificate and
         service account JWT when Vault is running in a Kubernetes pod.
         """
         return pulumi.get(self, "disable_local_ca_jwt")
@@ -639,7 +639,7 @@ def identity_token_key(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesCaCert")
     def kubernetes_ca_cert(self) -> Optional[pulumi.Input[str]]:
         """
-        A PEM-encoded CA certificate used by the 
+        A PEM-encoded CA certificate used by the
         secrets engine to verify the Kubernetes API server certificate. Defaults to the local
         pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
         Vault is running.
@@ -654,7 +654,7 @@ def kubernetes_ca_cert(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesHost")
     def kubernetes_host(self) -> Optional[pulumi.Input[str]]:
         """
-        The Kubernetes API URL to connect to. Required if the 
+        The Kubernetes API URL to connect to. Required if the
         standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
         are not set on the host that Vault is running on.
         """
@@ -854,15 +854,15 @@ def __init__(__self__,
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and 
+        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the 
+        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
                pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
                Vault is running.
-        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the 
+        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the
                standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
                are not set on the host that Vault is running on.
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
@@ -1035,15 +1035,15 @@ def get(resource_name: str,
         :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
         :param pulumi.Input[str] description: Human-friendly description of the mount
-        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and 
+        :param pulumi.Input[bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
         :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
-        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the 
+        :param pulumi.Input[str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
                pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
                Vault is running.
-        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the 
+        :param pulumi.Input[str] kubernetes_host: The Kubernetes API URL to connect to. Required if the
                standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
                are not set on the host that Vault is running on.
         :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
@@ -1159,7 +1159,7 @@ def description(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="disableLocalCaJwt")
     def disable_local_ca_jwt(self) -> pulumi.Output[Optional[bool]]:
         """
-        Disable defaulting to the local CA certificate and 
+        Disable defaulting to the local CA certificate and
         service account JWT when Vault is running in a Kubernetes pod.
         """
         return pulumi.get(self, "disable_local_ca_jwt")
@@ -1184,7 +1184,7 @@ def identity_token_key(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="kubernetesCaCert")
     def kubernetes_ca_cert(self) -> pulumi.Output[Optional[str]]:
         """
-        A PEM-encoded CA certificate used by the 
+        A PEM-encoded CA certificate used by the
         secrets engine to verify the Kubernetes API server certificate. Defaults to the local
         pod’s CA if Vault is running in Kubernetes. Otherwise, defaults to the root CA set where
         Vault is running.
@@ -1195,7 +1195,7 @@ def kubernetes_ca_cert(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="kubernetesHost")
     def kubernetes_host(self) -> pulumi.Output[Optional[str]]:
         """
-        The Kubernetes API URL to connect to. Required if the 
+        The Kubernetes API URL to connect to. Required if the
         standard pod environment variables `KUBERNETES_SERVICE_HOST` or `KUBERNETES_SERVICE_PORT`
         are not set on the host that Vault is running on.
         """
diff --git a/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py b/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py
index a710fbb64..219e38418 100644
--- a/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py
+++ b/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py
@@ -32,31 +32,31 @@ def __init__(__self__, *,
         The set of arguments for constructing a SecretBackendRole resource.
         :param pulumi.Input[str] backend: The path of the Kubernetes Secrets Engine backend mount to create
                the role in.
-        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces 
+        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces
                in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
                of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
                If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role
                can generate credentials for. If set to `*` all namespaces are allowed. If set with
                `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated
                Kubernetes objects.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes
                objects.
                
                This resource also directly accepts all Mount fields.
-        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating 
+        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating
                a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`
                and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated
                when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a 
+        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a
                generated service account to. Mutually exclusive with `service_account_name` and
                `generated_role_rules`. If set, Kubernetes token, service account, and role
                binding objects will be created when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or 
+        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or
                ClusterRole.
         :param pulumi.Input[str] name: The name of the role.
-        :param pulumi.Input[str] name_template: The name template to use when generating service accounts, 
+        :param pulumi.Input[str] name_template: The name template to use when generating service accounts,
                roles and role bindings. If unset, a default template is used.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -113,7 +113,7 @@ def backend(self, value: pulumi.Input[str]):
     @pulumi.getter(name="allowedKubernetesNamespaceSelector")
     def allowed_kubernetes_namespace_selector(self) -> Optional[pulumi.Input[str]]:
         """
-        A label selector for Kubernetes namespaces 
+        A label selector for Kubernetes namespaces
         in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
         of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
         If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.
@@ -128,7 +128,7 @@ def allowed_kubernetes_namespace_selector(self, value: Optional[pulumi.Input[str
     @pulumi.getter(name="allowedKubernetesNamespaces")
     def allowed_kubernetes_namespaces(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The list of Kubernetes namespaces this role 
+        The list of Kubernetes namespaces this role
         can generate credentials for. If set to `*` all namespaces are allowed. If set with
         `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.
         """
@@ -142,7 +142,7 @@ def allowed_kubernetes_namespaces(self, value: Optional[pulumi.Input[Sequence[pu
     @pulumi.getter(name="extraAnnotations")
     def extra_annotations(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
-        Additional annotations to apply to all generated 
+        Additional annotations to apply to all generated
         Kubernetes objects.
         """
         return pulumi.get(self, "extra_annotations")
@@ -155,7 +155,7 @@ def extra_annotations(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Inp
     @pulumi.getter(name="extraLabels")
     def extra_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
-        Additional labels to apply to all generated Kubernetes 
+        Additional labels to apply to all generated Kubernetes
         objects.
 
         This resource also directly accepts all Mount fields.
@@ -170,7 +170,7 @@ def extra_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[st
     @pulumi.getter(name="generatedRoleRules")
     def generated_role_rules(self) -> Optional[pulumi.Input[str]]:
         """
-        The Role or ClusterRole rules to use when generating 
+        The Role or ClusterRole rules to use when generating
         a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`
         and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated
         when credentials are requested.
@@ -185,7 +185,7 @@ def generated_role_rules(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesRoleName")
     def kubernetes_role_name(self) -> Optional[pulumi.Input[str]]:
         """
-        The pre-existing Role or ClusterRole to bind a 
+        The pre-existing Role or ClusterRole to bind a
         generated service account to. Mutually exclusive with `service_account_name` and
         `generated_role_rules`. If set, Kubernetes token, service account, and role
         binding objects will be created when credentials are requested.
@@ -200,7 +200,7 @@ def kubernetes_role_name(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesRoleType")
     def kubernetes_role_type(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies whether the Kubernetes role is a Role or 
+        Specifies whether the Kubernetes role is a Role or
         ClusterRole.
         """
         return pulumi.get(self, "kubernetes_role_type")
@@ -225,7 +225,7 @@ def name(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="nameTemplate")
     def name_template(self) -> Optional[pulumi.Input[str]]:
         """
-        The name template to use when generating service accounts, 
+        The name template to use when generating service accounts,
         roles and role bindings. If unset, a default template is used.
         """
         return pulumi.get(self, "name_template")
@@ -307,33 +307,33 @@ def __init__(__self__, *,
                  token_max_ttl: Optional[pulumi.Input[int]] = None):
         """
         Input properties used for looking up and filtering SecretBackendRole resources.
-        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces 
+        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces
                in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
                of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
                If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role
                can generate credentials for. If set to `*` all namespaces are allowed. If set with
                `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.
         :param pulumi.Input[str] backend: The path of the Kubernetes Secrets Engine backend mount to create
                the role in.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated
                Kubernetes objects.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes
                objects.
                
                This resource also directly accepts all Mount fields.
-        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating 
+        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating
                a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`
                and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated
                when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a 
+        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a
                generated service account to. Mutually exclusive with `service_account_name` and
                `generated_role_rules`. If set, Kubernetes token, service account, and role
                binding objects will be created when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or 
+        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or
                ClusterRole.
         :param pulumi.Input[str] name: The name of the role.
-        :param pulumi.Input[str] name_template: The name template to use when generating service accounts, 
+        :param pulumi.Input[str] name_template: The name template to use when generating service accounts,
                roles and role bindings. If unset, a default template is used.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -378,7 +378,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="allowedKubernetesNamespaceSelector")
     def allowed_kubernetes_namespace_selector(self) -> Optional[pulumi.Input[str]]:
         """
-        A label selector for Kubernetes namespaces 
+        A label selector for Kubernetes namespaces
         in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
         of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
         If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.
@@ -393,7 +393,7 @@ def allowed_kubernetes_namespace_selector(self, value: Optional[pulumi.Input[str
     @pulumi.getter(name="allowedKubernetesNamespaces")
     def allowed_kubernetes_namespaces(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The list of Kubernetes namespaces this role 
+        The list of Kubernetes namespaces this role
         can generate credentials for. If set to `*` all namespaces are allowed. If set with
         `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.
         """
@@ -420,7 +420,7 @@ def backend(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="extraAnnotations")
     def extra_annotations(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
-        Additional annotations to apply to all generated 
+        Additional annotations to apply to all generated
         Kubernetes objects.
         """
         return pulumi.get(self, "extra_annotations")
@@ -433,7 +433,7 @@ def extra_annotations(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Inp
     @pulumi.getter(name="extraLabels")
     def extra_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
         """
-        Additional labels to apply to all generated Kubernetes 
+        Additional labels to apply to all generated Kubernetes
         objects.
 
         This resource also directly accepts all Mount fields.
@@ -448,7 +448,7 @@ def extra_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[st
     @pulumi.getter(name="generatedRoleRules")
     def generated_role_rules(self) -> Optional[pulumi.Input[str]]:
         """
-        The Role or ClusterRole rules to use when generating 
+        The Role or ClusterRole rules to use when generating
         a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`
         and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated
         when credentials are requested.
@@ -463,7 +463,7 @@ def generated_role_rules(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesRoleName")
     def kubernetes_role_name(self) -> Optional[pulumi.Input[str]]:
         """
-        The pre-existing Role or ClusterRole to bind a 
+        The pre-existing Role or ClusterRole to bind a
         generated service account to. Mutually exclusive with `service_account_name` and
         `generated_role_rules`. If set, Kubernetes token, service account, and role
         binding objects will be created when credentials are requested.
@@ -478,7 +478,7 @@ def kubernetes_role_name(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="kubernetesRoleType")
     def kubernetes_role_type(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies whether the Kubernetes role is a Role or 
+        Specifies whether the Kubernetes role is a Role or
         ClusterRole.
         """
         return pulumi.get(self, "kubernetes_role_type")
@@ -503,7 +503,7 @@ def name(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="nameTemplate")
     def name_template(self) -> Optional[pulumi.Input[str]]:
         """
-        The name template to use when generating service accounts, 
+        The name template to use when generating service accounts,
         roles and role bindings. If unset, a default template is used.
         """
         return pulumi.get(self, "name_template")
@@ -699,33 +699,33 @@ def __init__(__self__,
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces 
+        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces
                in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
                of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
                If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role
                can generate credentials for. If set to `*` all namespaces are allowed. If set with
                `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.
         :param pulumi.Input[str] backend: The path of the Kubernetes Secrets Engine backend mount to create
                the role in.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated
                Kubernetes objects.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes
                objects.
                
                This resource also directly accepts all Mount fields.
-        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating 
+        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating
                a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`
                and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated
                when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a 
+        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a
                generated service account to. Mutually exclusive with `service_account_name` and
                `generated_role_rules`. If set, Kubernetes token, service account, and role
                binding objects will be created when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or 
+        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or
                ClusterRole.
         :param pulumi.Input[str] name: The name of the role.
-        :param pulumi.Input[str] name_template: The name template to use when generating service accounts, 
+        :param pulumi.Input[str] name_template: The name template to use when generating service accounts,
                roles and role bindings. If unset, a default template is used.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -939,33 +939,33 @@ def get(resource_name: str,
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces 
+        :param pulumi.Input[str] allowed_kubernetes_namespace_selector: A label selector for Kubernetes namespaces
                in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
                of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
                If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_kubernetes_namespaces: The list of Kubernetes namespaces this role
                can generate credentials for. If set to `*` all namespaces are allowed. If set with
                `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.
         :param pulumi.Input[str] backend: The path of the Kubernetes Secrets Engine backend mount to create
                the role in.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_annotations: Additional annotations to apply to all generated
                Kubernetes objects.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes 
+        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes
                objects.
                
                This resource also directly accepts all Mount fields.
-        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating 
+        :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating
                a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`
                and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated
                when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a 
+        :param pulumi.Input[str] kubernetes_role_name: The pre-existing Role or ClusterRole to bind a
                generated service account to. Mutually exclusive with `service_account_name` and
                `generated_role_rules`. If set, Kubernetes token, service account, and role
                binding objects will be created when credentials are requested.
-        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or 
+        :param pulumi.Input[str] kubernetes_role_type: Specifies whether the Kubernetes role is a Role or
                ClusterRole.
         :param pulumi.Input[str] name: The name of the role.
-        :param pulumi.Input[str] name_template: The name template to use when generating service accounts, 
+        :param pulumi.Input[str] name_template: The name template to use when generating service accounts,
                roles and role bindings. If unset, a default template is used.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -1001,7 +1001,7 @@ def get(resource_name: str,
     @pulumi.getter(name="allowedKubernetesNamespaceSelector")
     def allowed_kubernetes_namespace_selector(self) -> pulumi.Output[Optional[str]]:
         """
-        A label selector for Kubernetes namespaces 
+        A label selector for Kubernetes namespaces
         in which credentials can be generated. Accepts either a JSON or YAML object. The value should be
         of type [LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#labelselector-v1-meta).
         If set with `allowed_kubernetes_namespace`, the conditions are `OR`ed.
@@ -1012,7 +1012,7 @@ def allowed_kubernetes_namespace_selector(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="allowedKubernetesNamespaces")
     def allowed_kubernetes_namespaces(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        The list of Kubernetes namespaces this role 
+        The list of Kubernetes namespaces this role
         can generate credentials for. If set to `*` all namespaces are allowed. If set with
         `allowed_kubernetes_namespace_selector`, the conditions are `OR`ed.
         """
@@ -1031,7 +1031,7 @@ def backend(self) -> pulumi.Output[str]:
     @pulumi.getter(name="extraAnnotations")
     def extra_annotations(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
         """
-        Additional annotations to apply to all generated 
+        Additional annotations to apply to all generated
         Kubernetes objects.
         """
         return pulumi.get(self, "extra_annotations")
@@ -1040,7 +1040,7 @@ def extra_annotations(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
     @pulumi.getter(name="extraLabels")
     def extra_labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
         """
-        Additional labels to apply to all generated Kubernetes 
+        Additional labels to apply to all generated Kubernetes
         objects.
 
         This resource also directly accepts all Mount fields.
@@ -1051,7 +1051,7 @@ def extra_labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
     @pulumi.getter(name="generatedRoleRules")
     def generated_role_rules(self) -> pulumi.Output[Optional[str]]:
         """
-        The Role or ClusterRole rules to use when generating 
+        The Role or ClusterRole rules to use when generating
         a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name`
         and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated
         when credentials are requested.
@@ -1062,7 +1062,7 @@ def generated_role_rules(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="kubernetesRoleName")
     def kubernetes_role_name(self) -> pulumi.Output[Optional[str]]:
         """
-        The pre-existing Role or ClusterRole to bind a 
+        The pre-existing Role or ClusterRole to bind a
         generated service account to. Mutually exclusive with `service_account_name` and
         `generated_role_rules`. If set, Kubernetes token, service account, and role
         binding objects will be created when credentials are requested.
@@ -1073,7 +1073,7 @@ def kubernetes_role_name(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="kubernetesRoleType")
     def kubernetes_role_type(self) -> pulumi.Output[Optional[str]]:
         """
-        Specifies whether the Kubernetes role is a Role or 
+        Specifies whether the Kubernetes role is a Role or
         ClusterRole.
         """
         return pulumi.get(self, "kubernetes_role_type")
@@ -1090,7 +1090,7 @@ def name(self) -> pulumi.Output[str]:
     @pulumi.getter(name="nameTemplate")
     def name_template(self) -> pulumi.Output[Optional[str]]:
         """
-        The name template to use when generating service accounts, 
+        The name template to use when generating service accounts,
         roles and role bindings. If unset, a default template is used.
         """
         return pulumi.get(self, "name_template")
diff --git a/sdk/python/pulumi_vault/kv/get_secret.py b/sdk/python/pulumi_vault/kv/get_secret.py
index 5b0504bda..a7a3457b2 100644
--- a/sdk/python/pulumi_vault/kv/get_secret.py
+++ b/sdk/python/pulumi_vault/kv/get_secret.py
@@ -79,7 +79,7 @@ def id(self) -> str:
     @pulumi.getter(name="leaseDuration")
     def lease_duration(self) -> int:
         """
-        The duration of the secret lease, in seconds. Once 
+        The duration of the secret lease, in seconds. Once
         this time has passed any plan generated with this data may fail to apply.
         """
         return pulumi.get(self, "lease_duration")
@@ -96,7 +96,7 @@ def lease_id(self) -> str:
     @pulumi.getter(name="leaseRenewable")
     def lease_renewable(self) -> bool:
         """
-        True if the duration of this lease can be extended 
+        True if the duration of this lease can be extended
         through renewal.
         """
         return pulumi.get(self, "lease_renewable")
diff --git a/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py b/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py
index bb335b0cb..24c2f16c5 100644
--- a/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py
+++ b/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py
@@ -175,7 +175,7 @@ def get_secret_subkeys_v2(depth: Optional[int] = None,
            The value should not contain leading or trailing forward slashes.
            The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
-    :param int version: Specifies the version to return. If not 
+    :param int version: Specifies the version to return. If not
            set the latest version is returned.
     """
     __args__ = dict()
@@ -250,7 +250,7 @@ def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[int]]] =
            The value should not contain leading or trailing forward slashes.
            The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
            *Available only for Vault Enterprise*.
-    :param int version: Specifies the version to return. If not 
+    :param int version: Specifies the version to return. If not
            set the latest version is returned.
     """
     ...
diff --git a/sdk/python/pulumi_vault/mfa_okta.py b/sdk/python/pulumi_vault/mfa_okta.py
index 3e783de77..6289d3298 100644
--- a/sdk/python/pulumi_vault/mfa_okta.py
+++ b/sdk/python/pulumi_vault/mfa_okta.py
@@ -25,19 +25,19 @@ def __init__(__self__, *,
         """
         The set of arguments for constructing a MfaOkta resource.
         :param pulumi.Input[str] api_token: `(string: )` - Okta API key.
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] org_name: `(string: )` - Name of the organization to be used in the Okta API.
-        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
                `oktapreview.com`, and `okta-emea.com`.
         :param pulumi.Input[str] name: `(string: )` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the 
+        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the
                primary email for the account.
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -75,7 +75,7 @@ def api_token(self, value: pulumi.Input[str]):
     @pulumi.getter(name="mountAccessor")
     def mount_accessor(self) -> pulumi.Input[str]:
         """
-        `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        `(string: )` - The mount to tie this method to for use in automatic mappings.
         The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         """
         return pulumi.get(self, "mount_accessor")
@@ -100,7 +100,7 @@ def org_name(self, value: pulumi.Input[str]):
     @pulumi.getter(name="baseUrl")
     def base_url(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+        `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
         `oktapreview.com`, and `okta-emea.com`.
         """
         return pulumi.get(self, "base_url")
@@ -140,7 +140,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="primaryEmail")
     def primary_email(self) -> Optional[pulumi.Input[bool]]:
         """
-        `(string: )` - If set to true, the username will only match the 
+        `(string: )` - If set to true, the username will only match the
         primary email for the account.
         """
         return pulumi.get(self, "primary_email")
@@ -153,7 +153,7 @@ def primary_email(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="usernameFormat")
     def username_format(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string)` - A format string for mapping Identity names to MFA method names. 
+        `(string)` - A format string for mapping Identity names to MFA method names.
         Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
         If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
         - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -182,9 +182,9 @@ def __init__(__self__, *,
         """
         Input properties used for looking up and filtering MfaOkta resources.
         :param pulumi.Input[str] api_token: `(string: )` - Okta API key.
-        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
                `oktapreview.com`, and `okta-emea.com`.
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] name: `(string: )` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -192,9 +192,9 @@ def __init__(__self__, *,
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] org_name: `(string: )` - Name of the organization to be used in the Okta API.
-        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the 
+        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the
                primary email for the account.
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -235,7 +235,7 @@ def api_token(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="baseUrl")
     def base_url(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+        `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
         `oktapreview.com`, and `okta-emea.com`.
         """
         return pulumi.get(self, "base_url")
@@ -248,7 +248,7 @@ def base_url(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="mountAccessor")
     def mount_accessor(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        `(string: )` - The mount to tie this method to for use in automatic mappings.
         The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         """
         return pulumi.get(self, "mount_accessor")
@@ -300,7 +300,7 @@ def org_name(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="primaryEmail")
     def primary_email(self) -> Optional[pulumi.Input[bool]]:
         """
-        `(string: )` - If set to true, the username will only match the 
+        `(string: )` - If set to true, the username will only match the
         primary email for the account.
         """
         return pulumi.get(self, "primary_email")
@@ -313,7 +313,7 @@ def primary_email(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="usernameFormat")
     def username_format(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string)` - A format string for mapping Identity names to MFA method names. 
+        `(string)` - A format string for mapping Identity names to MFA method names.
         Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
         If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
         - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -375,9 +375,9 @@ def __init__(__self__,
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] api_token: `(string: )` - Okta API key.
-        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
                `oktapreview.com`, and `okta-emea.com`.
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] name: `(string: )` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -385,9 +385,9 @@ def __init__(__self__,
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] org_name: `(string: )` - Name of the organization to be used in the Okta API.
-        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the 
+        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the
                primary email for the account.
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -505,9 +505,9 @@ def get(resource_name: str,
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] api_token: `(string: )` - Okta API key.
-        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+        :param pulumi.Input[str] base_url: `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
                `oktapreview.com`, and `okta-emea.com`.
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] name: `(string: )` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -515,9 +515,9 @@ def get(resource_name: str,
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] org_name: `(string: )` - Name of the organization to be used in the Okta API.
-        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the 
+        :param pulumi.Input[bool] primary_email: `(string: )` - If set to true, the username will only match the
                primary email for the account.
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -551,7 +551,7 @@ def api_token(self) -> pulumi.Output[str]:
     @pulumi.getter(name="baseUrl")
     def base_url(self) -> pulumi.Output[Optional[str]]:
         """
-        `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`, 
+        `(string)` - If set, will be used as the base domain for API requests. Examples are `okta.com`,
         `oktapreview.com`, and `okta-emea.com`.
         """
         return pulumi.get(self, "base_url")
@@ -560,7 +560,7 @@ def base_url(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="mountAccessor")
     def mount_accessor(self) -> pulumi.Output[str]:
         """
-        `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        `(string: )` - The mount to tie this method to for use in automatic mappings.
         The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         """
         return pulumi.get(self, "mount_accessor")
@@ -596,7 +596,7 @@ def org_name(self) -> pulumi.Output[str]:
     @pulumi.getter(name="primaryEmail")
     def primary_email(self) -> pulumi.Output[Optional[bool]]:
         """
-        `(string: )` - If set to true, the username will only match the 
+        `(string: )` - If set to true, the username will only match the
         primary email for the account.
         """
         return pulumi.get(self, "primary_email")
@@ -605,7 +605,7 @@ def primary_email(self) -> pulumi.Output[Optional[bool]]:
     @pulumi.getter(name="usernameFormat")
     def username_format(self) -> pulumi.Output[Optional[str]]:
         """
-        `(string)` - A format string for mapping Identity names to MFA method names. 
+        `(string)` - A format string for mapping Identity names to MFA method names.
         Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
         If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
         - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
diff --git a/sdk/python/pulumi_vault/mfa_pingid.py b/sdk/python/pulumi_vault/mfa_pingid.py
index 14bf68a63..56972f256 100644
--- a/sdk/python/pulumi_vault/mfa_pingid.py
+++ b/sdk/python/pulumi_vault/mfa_pingid.py
@@ -21,7 +21,7 @@ def __init__(__self__, *,
                  username_format: Optional[pulumi.Input[str]] = None):
         """
         The set of arguments for constructing a MfaPingid resource.
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] settings_file_base64: `(string: )` - A base64-encoded third-party settings file retrieved
                from PingID's configuration page.
@@ -30,7 +30,7 @@ def __init__(__self__, *,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -51,7 +51,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="mountAccessor")
     def mount_accessor(self) -> pulumi.Input[str]:
         """
-        `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        `(string: )` - The mount to tie this method to for use in automatic mappings.
         The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         """
         return pulumi.get(self, "mount_accessor")
@@ -104,7 +104,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="usernameFormat")
     def username_format(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string)` - A format string for mapping Identity names to MFA method names. 
+        `(string)` - A format string for mapping Identity names to MFA method names.
         Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
         If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
         - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -139,7 +139,7 @@ def __init__(__self__, *,
         :param pulumi.Input[str] admin_url: `(string)` – Admin URL computed by Vault
         :param pulumi.Input[str] authenticator_url: `(string)` – Authenticator URL computed by Vault
         :param pulumi.Input[str] idp_url: `(string)` – IDP URL computed by Vault
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] name: `(string: )` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -152,7 +152,7 @@ def __init__(__self__, *,
                from PingID's configuration page.
         :param pulumi.Input[str] type: `(string)` – Type of configuration computed by Vault
         :param pulumi.Input[bool] use_signature: `(string)` – If set to true, enables use of PingID signature. Computed by Vault
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -225,7 +225,7 @@ def idp_url(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="mountAccessor")
     def mount_accessor(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        `(string: )` - The mount to tie this method to for use in automatic mappings.
         The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         """
         return pulumi.get(self, "mount_accessor")
@@ -326,7 +326,7 @@ def use_signature(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="usernameFormat")
     def username_format(self) -> Optional[pulumi.Input[str]]:
         """
-        `(string)` - A format string for mapping Identity names to MFA method names. 
+        `(string)` - A format string for mapping Identity names to MFA method names.
         Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
         If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
         - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -385,7 +385,7 @@ def __init__(__self__,
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] name: `(string: )` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -394,7 +394,7 @@ def __init__(__self__,
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] settings_file_base64: `(string: )` - A base64-encoded third-party settings file retrieved
                from PingID's configuration page.
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -516,7 +516,7 @@ def get(resource_name: str,
         :param pulumi.Input[str] admin_url: `(string)` – Admin URL computed by Vault
         :param pulumi.Input[str] authenticator_url: `(string)` – Authenticator URL computed by Vault
         :param pulumi.Input[str] idp_url: `(string)` – IDP URL computed by Vault
-        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings.
                The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         :param pulumi.Input[str] name: `(string: )` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -529,7 +529,7 @@ def get(resource_name: str,
                from PingID's configuration page.
         :param pulumi.Input[str] type: `(string)` – Type of configuration computed by Vault
         :param pulumi.Input[bool] use_signature: `(string)` – If set to true, enables use of PingID signature. Computed by Vault
-        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. 
+        :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names.
                Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
                If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
                - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
@@ -583,7 +583,7 @@ def idp_url(self) -> pulumi.Output[str]:
     @pulumi.getter(name="mountAccessor")
     def mount_accessor(self) -> pulumi.Output[str]:
         """
-        `(string: )` - The mount to tie this method to for use in automatic mappings. 
+        `(string: )` - The mount to tie this method to for use in automatic mappings.
         The mapping will use the Name field of Aliases associated with this mount as the username in the mapping.
         """
         return pulumi.get(self, "mount_accessor")
@@ -652,7 +652,7 @@ def use_signature(self) -> pulumi.Output[bool]:
     @pulumi.getter(name="usernameFormat")
     def username_format(self) -> pulumi.Output[Optional[str]]:
         """
-        `(string)` - A format string for mapping Identity names to MFA method names. 
+        `(string)` - A format string for mapping Identity names to MFA method names.
         Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`.
         If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
         - alias.name: The name returned by the mount configured via the `mount_accessor` parameter
diff --git a/sdk/python/pulumi_vault/mongodbatlas/secret_role.py b/sdk/python/pulumi_vault/mongodbatlas/secret_role.py
index 9bc3c7381..690db7428 100644
--- a/sdk/python/pulumi_vault/mongodbatlas/secret_role.py
+++ b/sdk/python/pulumi_vault/mongodbatlas/secret_role.py
@@ -37,7 +37,7 @@ def __init__(__self__, *,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs. 
+        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
                Required if `organization_id` is not set.
@@ -156,7 +156,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="organizationId")
     def organization_id(self) -> Optional[pulumi.Input[str]]:
         """
-        Unique identifier for the organization to which the target API Key belongs. 
+        Unique identifier for the organization to which the target API Key belongs.
         Required if `project_id` is not set.
         """
         return pulumi.get(self, "organization_id")
@@ -228,7 +228,7 @@ def __init__(__self__, *,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs. 
+        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
                Required if `organization_id` is not set.
@@ -338,7 +338,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="organizationId")
     def organization_id(self) -> Optional[pulumi.Input[str]]:
         """
-        Unique identifier for the organization to which the target API Key belongs. 
+        Unique identifier for the organization to which the target API Key belongs.
         Required if `project_id` is not set.
         """
         return pulumi.get(self, "organization_id")
@@ -462,7 +462,7 @@ def __init__(__self__,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs. 
+        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
                Required if `organization_id` is not set.
@@ -600,7 +600,7 @@ def get(resource_name: str,
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs. 
+        :param pulumi.Input[str] organization_id: Unique identifier for the organization to which the target API Key belongs.
                Required if `project_id` is not set.
         :param pulumi.Input[str] project_id: Unique identifier for the project to which the target API Key belongs.
                Required if `organization_id` is not set.
@@ -680,7 +680,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="organizationId")
     def organization_id(self) -> pulumi.Output[Optional[str]]:
         """
-        Unique identifier for the organization to which the target API Key belongs. 
+        Unique identifier for the organization to which the target API Key belongs.
         Required if `project_id` is not set.
         """
         return pulumi.get(self, "organization_id")
diff --git a/sdk/python/pulumi_vault/nomad_secret_role.py b/sdk/python/pulumi_vault/nomad_secret_role.py
index 1fc949def..6a0a6ace4 100644
--- a/sdk/python/pulumi_vault/nomad_secret_role.py
+++ b/sdk/python/pulumi_vault/nomad_secret_role.py
@@ -25,15 +25,15 @@ def __init__(__self__, *,
         :param pulumi.Input[str] backend: The unique path this backend should be mounted at.
         :param pulumi.Input[str] role: The name to identify this role within the backend.
                Must be unique within the backend.
-        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to 
+        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to
                false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used
                when `type` is 'client'.
-        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid 
+        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid
                settings are 'client' and 'management'. Defaults to 'client'.
         """
         pulumi.set(__self__, "backend", backend)
@@ -76,7 +76,7 @@ def role(self, value: pulumi.Input[str]):
     @pulumi.getter(name="global")
     def global_(self) -> Optional[pulumi.Input[bool]]:
         """
-        Specifies if the generated token should be global. Defaults to 
+        Specifies if the generated token should be global. Defaults to
         false.
         """
         return pulumi.get(self, "global_")
@@ -104,7 +104,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        List of policies attached to the generated token. This setting is only used 
+        List of policies attached to the generated token. This setting is only used
         when `type` is 'client'.
         """
         return pulumi.get(self, "policies")
@@ -117,7 +117,7 @@ def policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
     @pulumi.getter
     def type(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the type of token to create when using this role. Valid 
+        Specifies the type of token to create when using this role. Valid
         settings are 'client' and 'management'. Defaults to 'client'.
         """
         return pulumi.get(self, "type")
@@ -139,17 +139,17 @@ def __init__(__self__, *,
         """
         Input properties used for looking up and filtering NomadSecretRole resources.
         :param pulumi.Input[str] backend: The unique path this backend should be mounted at.
-        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to 
+        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to
                false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used
                when `type` is 'client'.
         :param pulumi.Input[str] role: The name to identify this role within the backend.
                Must be unique within the backend.
-        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid 
+        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid
                settings are 'client' and 'management'. Defaults to 'client'.
         """
         if backend is not None:
@@ -181,7 +181,7 @@ def backend(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="global")
     def global_(self) -> Optional[pulumi.Input[bool]]:
         """
-        Specifies if the generated token should be global. Defaults to 
+        Specifies if the generated token should be global. Defaults to
         false.
         """
         return pulumi.get(self, "global_")
@@ -209,7 +209,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        List of policies attached to the generated token. This setting is only used 
+        List of policies attached to the generated token. This setting is only used
         when `type` is 'client'.
         """
         return pulumi.get(self, "policies")
@@ -235,7 +235,7 @@ def role(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def type(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies the type of token to create when using this role. Valid 
+        Specifies the type of token to create when using this role. Valid
         settings are 'client' and 'management'. Defaults to 'client'.
         """
         return pulumi.get(self, "type")
@@ -289,17 +289,17 @@ def __init__(__self__,
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] backend: The unique path this backend should be mounted at.
-        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to 
+        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to
                false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used
                when `type` is 'client'.
         :param pulumi.Input[str] role: The name to identify this role within the backend.
                Must be unique within the backend.
-        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid 
+        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid
                settings are 'client' and 'management'. Defaults to 'client'.
         """
         ...
@@ -401,17 +401,17 @@ def get(resource_name: str,
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] backend: The unique path this backend should be mounted at.
-        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to 
+        :param pulumi.Input[bool] global_: Specifies if the generated token should be global. Defaults to
                false.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used 
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies attached to the generated token. This setting is only used
                when `type` is 'client'.
         :param pulumi.Input[str] role: The name to identify this role within the backend.
                Must be unique within the backend.
-        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid 
+        :param pulumi.Input[str] type: Specifies the type of token to create when using this role. Valid
                settings are 'client' and 'management'. Defaults to 'client'.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -438,7 +438,7 @@ def backend(self) -> pulumi.Output[str]:
     @pulumi.getter(name="global")
     def global_(self) -> pulumi.Output[bool]:
         """
-        Specifies if the generated token should be global. Defaults to 
+        Specifies if the generated token should be global. Defaults to
         false.
         """
         return pulumi.get(self, "global_")
@@ -458,7 +458,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter
     def policies(self) -> pulumi.Output[Sequence[str]]:
         """
-        List of policies attached to the generated token. This setting is only used 
+        List of policies attached to the generated token. This setting is only used
         when `type` is 'client'.
         """
         return pulumi.get(self, "policies")
@@ -476,7 +476,7 @@ def role(self) -> pulumi.Output[str]:
     @pulumi.getter
     def type(self) -> pulumi.Output[str]:
         """
-        Specifies the type of token to create when using this role. Valid 
+        Specifies the type of token to create when using this role. Valid
         settings are 'client' and 'management'. Defaults to 'client'.
         """
         return pulumi.get(self, "type")
diff --git a/sdk/python/pulumi_vault/pkisecret/get_backend_issuer.py b/sdk/python/pulumi_vault/pkisecret/get_backend_issuer.py
index 75e67ed48..c6a19e90b 100644
--- a/sdk/python/pulumi_vault/pkisecret/get_backend_issuer.py
+++ b/sdk/python/pulumi_vault/pkisecret/get_backend_issuer.py
@@ -129,7 +129,7 @@ def leaf_not_after_behavior(self) -> str:
     @pulumi.getter(name="manualChains")
     def manual_chains(self) -> Sequence[str]:
         """
-        Chain of issuer references to build this issuer's computed 
+        Chain of issuer references to build this issuer's computed
         CAChain field from, when non-empty.
         """
         return pulumi.get(self, "manual_chains")
diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_crl_config.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_crl_config.py
index 24f0f15a5..0e6eb9bf1 100644
--- a/sdk/python/pulumi_vault/pkisecret/secret_backend_crl_config.py
+++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_crl_config.py
@@ -35,7 +35,7 @@ def __init__(__self__, *,
         :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
         :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
         :param pulumi.Input[bool] disable: Disables or enables CRL building.
-        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information, 
+        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
                augmenting the last complete CRL.  **Vault 1.12+**
         :param pulumi.Input[str] expiry: Specifies the time until expiration.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -43,7 +43,7 @@ def __init__(__self__, *,
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
-        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
                refresh durations. **Vault 1.12+**
         :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
         :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
@@ -151,7 +151,7 @@ def disable(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="enableDelta")
     def enable_delta(self) -> Optional[pulumi.Input[bool]]:
         """
-        Enables building of delta CRLs with up-to-date revocation information, 
+        Enables building of delta CRLs with up-to-date revocation information,
         augmenting the last complete CRL.  **Vault 1.12+**
         """
         return pulumi.get(self, "enable_delta")
@@ -203,7 +203,7 @@ def ocsp_disable(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="ocspExpiry")
     def ocsp_expiry(self) -> Optional[pulumi.Input[str]]:
         """
-        The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+        The amount of time an OCSP response can be cached for, useful for OCSP stapling
         refresh durations. **Vault 1.12+**
         """
         return pulumi.get(self, "ocsp_expiry")
@@ -262,7 +262,7 @@ def __init__(__self__, *,
         :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
         :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
         :param pulumi.Input[bool] disable: Disables or enables CRL building.
-        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information, 
+        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
                augmenting the last complete CRL.  **Vault 1.12+**
         :param pulumi.Input[str] expiry: Specifies the time until expiration.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -270,7 +270,7 @@ def __init__(__self__, *,
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
-        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
                refresh durations. **Vault 1.12+**
         :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
         :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
@@ -379,7 +379,7 @@ def disable(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="enableDelta")
     def enable_delta(self) -> Optional[pulumi.Input[bool]]:
         """
-        Enables building of delta CRLs with up-to-date revocation information, 
+        Enables building of delta CRLs with up-to-date revocation information,
         augmenting the last complete CRL.  **Vault 1.12+**
         """
         return pulumi.get(self, "enable_delta")
@@ -431,7 +431,7 @@ def ocsp_disable(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="ocspExpiry")
     def ocsp_expiry(self) -> Optional[pulumi.Input[str]]:
         """
-        The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+        The amount of time an OCSP response can be cached for, useful for OCSP stapling
         refresh durations. **Vault 1.12+**
         """
         return pulumi.get(self, "ocsp_expiry")
@@ -513,7 +513,7 @@ def __init__(__self__,
         :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
         :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
         :param pulumi.Input[bool] disable: Disables or enables CRL building.
-        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information, 
+        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
                augmenting the last complete CRL.  **Vault 1.12+**
         :param pulumi.Input[str] expiry: Specifies the time until expiration.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -521,7 +521,7 @@ def __init__(__self__,
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
-        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
                refresh durations. **Vault 1.12+**
         :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
         :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
@@ -641,7 +641,7 @@ def get(resource_name: str,
         :param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
         :param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
         :param pulumi.Input[bool] disable: Disables or enables CRL building.
-        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information, 
+        :param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
                augmenting the last complete CRL.  **Vault 1.12+**
         :param pulumi.Input[str] expiry: Specifies the time until expiration.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -649,7 +649,7 @@ def get(resource_name: str,
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
-        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+        :param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
                refresh durations. **Vault 1.12+**
         :param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
         :param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
@@ -726,7 +726,7 @@ def disable(self) -> pulumi.Output[Optional[bool]]:
     @pulumi.getter(name="enableDelta")
     def enable_delta(self) -> pulumi.Output[Optional[bool]]:
         """
-        Enables building of delta CRLs with up-to-date revocation information, 
+        Enables building of delta CRLs with up-to-date revocation information,
         augmenting the last complete CRL.  **Vault 1.12+**
         """
         return pulumi.get(self, "enable_delta")
@@ -762,7 +762,7 @@ def ocsp_disable(self) -> pulumi.Output[Optional[bool]]:
     @pulumi.getter(name="ocspExpiry")
     def ocsp_expiry(self) -> pulumi.Output[str]:
         """
-        The amount of time an OCSP response can be cached for, useful for OCSP stapling 
+        The amount of time an OCSP response can be cached for, useful for OCSP stapling
         refresh durations. **Vault 1.12+**
         """
         return pulumi.get(self, "ocsp_expiry")
diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py
index 1ef4a5f11..16c8db79c 100644
--- a/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py
+++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_key.py
@@ -26,11 +26,11 @@ def __init__(__self__, *,
         The set of arguments for constructing a SecretBackendKey resource.
         :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
         :param pulumi.Input[str] type: Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.
-        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. 
+        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys.
                Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
                2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
                384, or 521; ignored with `key_type=ed25519`.
-        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. 
+        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this.
                The global ref `default` may not be used as a name.
         :param pulumi.Input[str] key_type: Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
         :param pulumi.Input[str] managed_key_id: The managed key's UUID.
@@ -83,7 +83,7 @@ def type(self, value: pulumi.Input[str]):
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> Optional[pulumi.Input[int]]:
         """
-        Specifies the number of bits to use for the generated keys. 
+        Specifies the number of bits to use for the generated keys.
         Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
         2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
         384, or 521; ignored with `key_type=ed25519`.
@@ -98,7 +98,7 @@ def key_bits(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter(name="keyName")
     def key_name(self) -> Optional[pulumi.Input[str]]:
         """
-        When a new key is created with this request, optionally specifies the name for this. 
+        When a new key is created with this request, optionally specifies the name for this.
         The global ref `default` may not be used as a name.
         """
         return pulumi.get(self, "key_name")
@@ -174,12 +174,12 @@ def __init__(__self__, *,
         """
         Input properties used for looking up and filtering SecretBackendKey resources.
         :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
-        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. 
+        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys.
                Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
                2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
                384, or 521; ignored with `key_type=ed25519`.
         :param pulumi.Input[str] key_id: ID of the generated key.
-        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. 
+        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this.
                The global ref `default` may not be used as a name.
         :param pulumi.Input[str] key_type: Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
         :param pulumi.Input[str] managed_key_id: The managed key's UUID.
@@ -225,7 +225,7 @@ def backend(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> Optional[pulumi.Input[int]]:
         """
-        Specifies the number of bits to use for the generated keys. 
+        Specifies the number of bits to use for the generated keys.
         Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
         2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
         384, or 521; ignored with `key_type=ed25519`.
@@ -252,7 +252,7 @@ def key_id(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="keyName")
     def key_name(self) -> Optional[pulumi.Input[str]]:
         """
-        When a new key is created with this request, optionally specifies the name for this. 
+        When a new key is created with this request, optionally specifies the name for this.
         The global ref `default` may not be used as a name.
         """
         return pulumi.get(self, "key_name")
@@ -353,11 +353,11 @@ def __init__(__self__,
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
-        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. 
+        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys.
                Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
                2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
                384, or 521; ignored with `key_type=ed25519`.
-        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. 
+        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this.
                The global ref `default` may not be used as a name.
         :param pulumi.Input[str] key_type: Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
         :param pulumi.Input[str] managed_key_id: The managed key's UUID.
@@ -457,12 +457,12 @@ def get(resource_name: str,
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
-        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys. 
+        :param pulumi.Input[int] key_bits: Specifies the number of bits to use for the generated keys.
                Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
                2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
                384, or 521; ignored with `key_type=ed25519`.
         :param pulumi.Input[str] key_id: ID of the generated key.
-        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this. 
+        :param pulumi.Input[str] key_name: When a new key is created with this request, optionally specifies the name for this.
                The global ref `default` may not be used as a name.
         :param pulumi.Input[str] key_type: Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
         :param pulumi.Input[str] managed_key_id: The managed key's UUID.
@@ -500,7 +500,7 @@ def backend(self) -> pulumi.Output[str]:
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> pulumi.Output[int]:
         """
-        Specifies the number of bits to use for the generated keys. 
+        Specifies the number of bits to use for the generated keys.
         Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
         2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
         384, or 521; ignored with `key_type=ed25519`.
@@ -519,7 +519,7 @@ def key_id(self) -> pulumi.Output[str]:
     @pulumi.getter(name="keyName")
     def key_name(self) -> pulumi.Output[Optional[str]]:
         """
-        When a new key is created with this request, optionally specifies the name for this. 
+        When a new key is created with this request, optionally specifies the name for this.
         The global ref `default` may not be used as a name.
         """
         return pulumi.get(self, "key_name")
diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py
index 14012bb9d..231e0548f 100644
--- a/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py
+++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py
@@ -433,7 +433,7 @@ def __init__(__self__, *,
         :param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ca_chains: A list of the issuing and intermediate CA certificates in the `format` specified.
         :param pulumi.Input[str] certificate: The intermediate CA certificate in the `format` specified.
-        :param pulumi.Input[str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). 
+        :param pulumi.Input[str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
                Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
         :param pulumi.Input[str] common_name: CN of intermediate to create
         :param pulumi.Input[str] country: The country
@@ -574,7 +574,7 @@ def certificate(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="certificateBundle")
     def certificate_bundle(self) -> Optional[pulumi.Input[str]]:
         """
-        The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). 
+        The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
         Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
         """
         return pulumi.get(self, "certificate_bundle")
@@ -1101,7 +1101,7 @@ def get(resource_name: str,
         :param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ca_chains: A list of the issuing and intermediate CA certificates in the `format` specified.
         :param pulumi.Input[str] certificate: The intermediate CA certificate in the `format` specified.
-        :param pulumi.Input[str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). 
+        :param pulumi.Input[str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
                Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
         :param pulumi.Input[str] common_name: CN of intermediate to create
         :param pulumi.Input[str] country: The country
@@ -1203,7 +1203,7 @@ def certificate(self) -> pulumi.Output[str]:
     @pulumi.getter(name="certificateBundle")
     def certificate_bundle(self) -> pulumi.Output[str]:
         """
-        The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). 
+        The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
         Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
         """
         return pulumi.get(self, "certificate_bundle")
diff --git a/sdk/python/pulumi_vault/raft_autopilot.py b/sdk/python/pulumi_vault/raft_autopilot.py
index ff43a0a38..23bbde8ec 100644
--- a/sdk/python/pulumi_vault/raft_autopilot.py
+++ b/sdk/python/pulumi_vault/raft_autopilot.py
@@ -26,22 +26,22 @@ def __init__(__self__, *,
         The set of arguments for constructing a RaftAutopilot resource.
         :param pulumi.Input[bool] cleanup_dead_servers: Specifies whether to remove dead server nodes
                periodically or when a new server joins. This requires that `min-quorum` is also set.
-        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a 
+        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a
                server can go without leader contact before being considered failed. This only takes
                effect when `cleanup_dead_servers` is set.
         :param pulumi.Input[bool] disable_upgrade_migration: Disables automatically upgrading Vault using autopilot. (Enterprise-only)
-        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go 
+        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go
                without leader contact before being considered unhealthy.
-        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log 
+        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log
                that a server can be behind its leader before being considered unhealthy.
-        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before 
+        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before
                autopilot can prune dead servers. This should at least be 3. Applicable only for
                voting nodes.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be 
+        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be
                stable in the 'healthy' state before being added to the cluster.
         """
         if cleanup_dead_servers is not None:
@@ -78,7 +78,7 @@ def cleanup_dead_servers(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="deadServerLastContactThreshold")
     def dead_server_last_contact_threshold(self) -> Optional[pulumi.Input[str]]:
         """
-        Limit the amount of time a 
+        Limit the amount of time a
         server can go without leader contact before being considered failed. This only takes
         effect when `cleanup_dead_servers` is set.
         """
@@ -104,7 +104,7 @@ def disable_upgrade_migration(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="lastContactThreshold")
     def last_contact_threshold(self) -> Optional[pulumi.Input[str]]:
         """
-        Limit the amount of time a server can go 
+        Limit the amount of time a server can go
         without leader contact before being considered unhealthy.
         """
         return pulumi.get(self, "last_contact_threshold")
@@ -117,7 +117,7 @@ def last_contact_threshold(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="maxTrailingLogs")
     def max_trailing_logs(self) -> Optional[pulumi.Input[int]]:
         """
-        Maximum number of log entries in the Raft log 
+        Maximum number of log entries in the Raft log
         that a server can be behind its leader before being considered unhealthy.
         """
         return pulumi.get(self, "max_trailing_logs")
@@ -130,7 +130,7 @@ def max_trailing_logs(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter(name="minQuorum")
     def min_quorum(self) -> Optional[pulumi.Input[int]]:
         """
-        Minimum number of servers allowed in a cluster before 
+        Minimum number of servers allowed in a cluster before
         autopilot can prune dead servers. This should at least be 3. Applicable only for
         voting nodes.
         """
@@ -159,7 +159,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="serverStabilizationTime")
     def server_stabilization_time(self) -> Optional[pulumi.Input[str]]:
         """
-        Minimum amount of time a server must be 
+        Minimum amount of time a server must be
         stable in the 'healthy' state before being added to the cluster.
         """
         return pulumi.get(self, "server_stabilization_time")
@@ -184,22 +184,22 @@ def __init__(__self__, *,
         Input properties used for looking up and filtering RaftAutopilot resources.
         :param pulumi.Input[bool] cleanup_dead_servers: Specifies whether to remove dead server nodes
                periodically or when a new server joins. This requires that `min-quorum` is also set.
-        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a 
+        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a
                server can go without leader contact before being considered failed. This only takes
                effect when `cleanup_dead_servers` is set.
         :param pulumi.Input[bool] disable_upgrade_migration: Disables automatically upgrading Vault using autopilot. (Enterprise-only)
-        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go 
+        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go
                without leader contact before being considered unhealthy.
-        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log 
+        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log
                that a server can be behind its leader before being considered unhealthy.
-        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before 
+        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before
                autopilot can prune dead servers. This should at least be 3. Applicable only for
                voting nodes.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be 
+        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be
                stable in the 'healthy' state before being added to the cluster.
         """
         if cleanup_dead_servers is not None:
@@ -236,7 +236,7 @@ def cleanup_dead_servers(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="deadServerLastContactThreshold")
     def dead_server_last_contact_threshold(self) -> Optional[pulumi.Input[str]]:
         """
-        Limit the amount of time a 
+        Limit the amount of time a
         server can go without leader contact before being considered failed. This only takes
         effect when `cleanup_dead_servers` is set.
         """
@@ -262,7 +262,7 @@ def disable_upgrade_migration(self, value: Optional[pulumi.Input[bool]]):
     @pulumi.getter(name="lastContactThreshold")
     def last_contact_threshold(self) -> Optional[pulumi.Input[str]]:
         """
-        Limit the amount of time a server can go 
+        Limit the amount of time a server can go
         without leader contact before being considered unhealthy.
         """
         return pulumi.get(self, "last_contact_threshold")
@@ -275,7 +275,7 @@ def last_contact_threshold(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="maxTrailingLogs")
     def max_trailing_logs(self) -> Optional[pulumi.Input[int]]:
         """
-        Maximum number of log entries in the Raft log 
+        Maximum number of log entries in the Raft log
         that a server can be behind its leader before being considered unhealthy.
         """
         return pulumi.get(self, "max_trailing_logs")
@@ -288,7 +288,7 @@ def max_trailing_logs(self, value: Optional[pulumi.Input[int]]):
     @pulumi.getter(name="minQuorum")
     def min_quorum(self) -> Optional[pulumi.Input[int]]:
         """
-        Minimum number of servers allowed in a cluster before 
+        Minimum number of servers allowed in a cluster before
         autopilot can prune dead servers. This should at least be 3. Applicable only for
         voting nodes.
         """
@@ -317,7 +317,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="serverStabilizationTime")
     def server_stabilization_time(self) -> Optional[pulumi.Input[str]]:
         """
-        Minimum amount of time a server must be 
+        Minimum amount of time a server must be
         stable in the 'healthy' state before being added to the cluster.
         """
         return pulumi.get(self, "server_stabilization_time")
@@ -374,22 +374,22 @@ def __init__(__self__,
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[bool] cleanup_dead_servers: Specifies whether to remove dead server nodes
                periodically or when a new server joins. This requires that `min-quorum` is also set.
-        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a 
+        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a
                server can go without leader contact before being considered failed. This only takes
                effect when `cleanup_dead_servers` is set.
         :param pulumi.Input[bool] disable_upgrade_migration: Disables automatically upgrading Vault using autopilot. (Enterprise-only)
-        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go 
+        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go
                without leader contact before being considered unhealthy.
-        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log 
+        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log
                that a server can be behind its leader before being considered unhealthy.
-        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before 
+        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before
                autopilot can prune dead servers. This should at least be 3. Applicable only for
                voting nodes.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be 
+        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be
                stable in the 'healthy' state before being added to the cluster.
         """
         ...
@@ -494,22 +494,22 @@ def get(resource_name: str,
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[bool] cleanup_dead_servers: Specifies whether to remove dead server nodes
                periodically or when a new server joins. This requires that `min-quorum` is also set.
-        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a 
+        :param pulumi.Input[str] dead_server_last_contact_threshold: Limit the amount of time a
                server can go without leader contact before being considered failed. This only takes
                effect when `cleanup_dead_servers` is set.
         :param pulumi.Input[bool] disable_upgrade_migration: Disables automatically upgrading Vault using autopilot. (Enterprise-only)
-        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go 
+        :param pulumi.Input[str] last_contact_threshold: Limit the amount of time a server can go
                without leader contact before being considered unhealthy.
-        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log 
+        :param pulumi.Input[int] max_trailing_logs: Maximum number of log entries in the Raft log
                that a server can be behind its leader before being considered unhealthy.
-        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before 
+        :param pulumi.Input[int] min_quorum: Minimum number of servers allowed in a cluster before
                autopilot can prune dead servers. This should at least be 3. Applicable only for
                voting nodes.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be 
+        :param pulumi.Input[str] server_stabilization_time: Minimum amount of time a server must be
                stable in the 'healthy' state before being added to the cluster.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -539,7 +539,7 @@ def cleanup_dead_servers(self) -> pulumi.Output[Optional[bool]]:
     @pulumi.getter(name="deadServerLastContactThreshold")
     def dead_server_last_contact_threshold(self) -> pulumi.Output[Optional[str]]:
         """
-        Limit the amount of time a 
+        Limit the amount of time a
         server can go without leader contact before being considered failed. This only takes
         effect when `cleanup_dead_servers` is set.
         """
@@ -557,7 +557,7 @@ def disable_upgrade_migration(self) -> pulumi.Output[Optional[bool]]:
     @pulumi.getter(name="lastContactThreshold")
     def last_contact_threshold(self) -> pulumi.Output[Optional[str]]:
         """
-        Limit the amount of time a server can go 
+        Limit the amount of time a server can go
         without leader contact before being considered unhealthy.
         """
         return pulumi.get(self, "last_contact_threshold")
@@ -566,7 +566,7 @@ def last_contact_threshold(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="maxTrailingLogs")
     def max_trailing_logs(self) -> pulumi.Output[Optional[int]]:
         """
-        Maximum number of log entries in the Raft log 
+        Maximum number of log entries in the Raft log
         that a server can be behind its leader before being considered unhealthy.
         """
         return pulumi.get(self, "max_trailing_logs")
@@ -575,7 +575,7 @@ def max_trailing_logs(self) -> pulumi.Output[Optional[int]]:
     @pulumi.getter(name="minQuorum")
     def min_quorum(self) -> pulumi.Output[Optional[int]]:
         """
-        Minimum number of servers allowed in a cluster before 
+        Minimum number of servers allowed in a cluster before
         autopilot can prune dead servers. This should at least be 3. Applicable only for
         voting nodes.
         """
@@ -596,7 +596,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="serverStabilizationTime")
     def server_stabilization_time(self) -> pulumi.Output[Optional[str]]:
         """
-        Minimum amount of time a server must be 
+        Minimum amount of time a server must be
         stable in the 'healthy' state before being added to the cluster.
         """
         return pulumi.get(self, "server_stabilization_time")
diff --git a/sdk/python/pulumi_vault/raft_snapshot_agent_config.py b/sdk/python/pulumi_vault/raft_snapshot_agent_config.py
index 059496673..71eac7e48 100644
--- a/sdk/python/pulumi_vault/raft_snapshot_agent_config.py
+++ b/sdk/python/pulumi_vault/raft_snapshot_agent_config.py
@@ -1005,7 +1005,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### Local Storage
+        #### Local Storage
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -1019,7 +1019,7 @@ def __init__(__self__,
             local_max_space=10000000)
         ```
 
-        ### AWS S3
+        #### AWS S3
         ```python
         import pulumi
         import pulumi_aws as aws
@@ -1042,7 +1042,7 @@ def __init__(__self__,
             aws_s3_enable_kms=True)
         ```
 
-        ### Azure BLOB
+        #### Azure BLOB
 
         ```python
         import pulumi
@@ -1122,7 +1122,7 @@ def __init__(__self__,
         """
         ## Example Usage
 
-        ### Local Storage
+        #### Local Storage
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -1136,7 +1136,7 @@ def __init__(__self__,
             local_max_space=10000000)
         ```
 
-        ### AWS S3
+        #### AWS S3
         ```python
         import pulumi
         import pulumi_aws as aws
@@ -1159,7 +1159,7 @@ def __init__(__self__,
             aws_s3_enable_kms=True)
         ```
 
-        ### Azure BLOB
+        #### Azure BLOB
 
         ```python
         import pulumi
diff --git a/sdk/python/pulumi_vault/saml/auth_backend.py b/sdk/python/pulumi_vault/saml/auth_backend.py
index 5cecb0e24..e35b35698 100644
--- a/sdk/python/pulumi_vault/saml/auth_backend.py
+++ b/sdk/python/pulumi_vault/saml/auth_backend.py
@@ -38,7 +38,7 @@ def __init__(__self__, *,
         :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider.
-        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with 
+        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -163,7 +163,7 @@ def idp_metadata_url(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="idpSsoUrl")
     def idp_sso_url(self) -> Optional[pulumi.Input[str]]:
         """
-        The SSO URL of the identity provider. Mutually exclusive with 
+        The SSO URL of the identity provider. Mutually exclusive with
         `idp_metadata_url`.
         """
         return pulumi.get(self, "idp_sso_url")
@@ -242,7 +242,7 @@ def __init__(__self__, *,
         :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider.
-        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with 
+        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -369,7 +369,7 @@ def idp_metadata_url(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="idpSsoUrl")
     def idp_sso_url(self) -> Optional[pulumi.Input[str]]:
         """
-        The SSO URL of the identity provider. Mutually exclusive with 
+        The SSO URL of the identity provider. Mutually exclusive with
         `idp_metadata_url`.
         """
         return pulumi.get(self, "idp_sso_url")
@@ -439,6 +439,15 @@ def __init__(__self__,
                  verbose_logging: Optional[pulumi.Input[bool]] = None,
                  __props__=None):
         """
+        layout: "vault"
+        page_title: "Vault: saml.AuthBackend resource"
+        sidebar_current: "docs-vault-saml-auth-backend"
+        description: |-
+        Manages SAML Auth mounts in Vault.
+        
+
+        # vault\\_saml\\_auth\\_backend
+
         Manages a SAML Auth mount in a Vault server. See the [Vault
         documentation](https://www.vaultproject.io/docs/auth/saml/) for more
         information.
@@ -478,7 +487,7 @@ def __init__(__self__,
         :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider.
-        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with 
+        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -497,6 +506,15 @@ def __init__(__self__,
                  args: AuthBackendArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        layout: "vault"
+        page_title: "Vault: saml.AuthBackend resource"
+        sidebar_current: "docs-vault-saml-auth-backend"
+        description: |-
+        Manages SAML Auth mounts in Vault.
+        
+
+        # vault\\_saml\\_auth\\_backend
+
         Manages a SAML Auth mount in a Vault server. See the [Vault
         documentation](https://www.vaultproject.io/docs/auth/saml/) for more
         information.
@@ -612,7 +630,7 @@ def get(resource_name: str,
         :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider.
-        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with 
+        :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with
                `idp_metadata_url`.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -705,7 +723,7 @@ def idp_metadata_url(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="idpSsoUrl")
     def idp_sso_url(self) -> pulumi.Output[Optional[str]]:
         """
-        The SSO URL of the identity provider. Mutually exclusive with 
+        The SSO URL of the identity provider. Mutually exclusive with
         `idp_metadata_url`.
         """
         return pulumi.get(self, "idp_sso_url")
diff --git a/sdk/python/pulumi_vault/saml/auth_backend_role.py b/sdk/python/pulumi_vault/saml/auth_backend_role.py
index 1c75bba51..3c8e6ab36 100644
--- a/sdk/python/pulumi_vault/saml/auth_backend_role.py
+++ b/sdk/python/pulumi_vault/saml/auth_backend_role.py
@@ -618,6 +618,15 @@ def __init__(__self__,
                  token_type: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
+        layout: "vault"
+        page_title: "Vault: saml.AuthBackendRole resource"
+        sidebar_current: "docs-vault-resource-saml-auth-backend-role"
+        description: |-
+        Manages SAML auth backend roles in Vault.
+        
+
+        # vault\\_saml\\_auth\\_backend\\_role
+
         Manages an SAML auth backend role in a Vault server. See the [Vault
         documentation](https://www.vaultproject.io/docs/auth/saml.html) for more
         information.
@@ -687,6 +696,15 @@ def __init__(__self__,
                  args: AuthBackendRoleArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        layout: "vault"
+        page_title: "Vault: saml.AuthBackendRole resource"
+        sidebar_current: "docs-vault-resource-saml-auth-backend-role"
+        description: |-
+        Manages SAML auth backend roles in Vault.
+        
+
+        # vault\\_saml\\_auth\\_backend\\_role
+
         Manages an SAML auth backend role in a Vault server. See the [Vault
         documentation](https://www.vaultproject.io/docs/auth/saml.html) for more
         information.
diff --git a/sdk/python/pulumi_vault/secrets/sync_aws_destination.py b/sdk/python/pulumi_vault/secrets/sync_aws_destination.py
index b3932cebb..dde97fbfb 100644
--- a/sdk/python/pulumi_vault/secrets/sync_aws_destination.py
+++ b/sdk/python/pulumi_vault/secrets/sync_aws_destination.py
@@ -35,7 +35,7 @@ def __init__(__self__, *,
                The field is mutable with no special condition, but users must be careful that the new value fits with the trust
                relationship condition they set on AWS otherwise sync operations will start to fail due to client-side access
                denied errors. Ignored if the `role_arn` field is empty.
-        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource 
+        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
         :param pulumi.Input[str] name: Unique name of the AWS destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -44,7 +44,7 @@ def __init__(__self__, *,
         :param pulumi.Input[str] region: Region where to manage the secrets manager entries.
                Can be omitted and directly provided to Vault using the `AWS_REGION` environment
                variable.
-        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role, 
+        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role,
                Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
                exist for Vault to be able to assume this role. The role can be in a different account.
                The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -122,7 +122,7 @@ def external_id(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def granularity(self) -> Optional[pulumi.Input[str]]:
         """
-        Determines what level of information is synced as a distinct resource 
+        Determines what level of information is synced as a distinct resource
         at the destination. Supports `secret-path` and `secret-key`.
         """
         return pulumi.get(self, "granularity")
@@ -175,7 +175,7 @@ def region(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="roleArn")
     def role_arn(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies a role to assume when connecting to AWS. When assuming a role, 
+        Specifies a role to assume when connecting to AWS. When assuming a role,
         Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
         exist for Vault to be able to assume this role. The role can be in a different account.
         The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -240,7 +240,7 @@ def __init__(__self__, *,
                The field is mutable with no special condition, but users must be careful that the new value fits with the trust
                relationship condition they set on AWS otherwise sync operations will start to fail due to client-side access
                denied errors. Ignored if the `role_arn` field is empty.
-        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource 
+        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
         :param pulumi.Input[str] name: Unique name of the AWS destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -249,7 +249,7 @@ def __init__(__self__, *,
         :param pulumi.Input[str] region: Region where to manage the secrets manager entries.
                Can be omitted and directly provided to Vault using the `AWS_REGION` environment
                variable.
-        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role, 
+        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role,
                Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
                exist for Vault to be able to assume this role. The role can be in a different account.
                The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -330,7 +330,7 @@ def external_id(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter
     def granularity(self) -> Optional[pulumi.Input[str]]:
         """
-        Determines what level of information is synced as a distinct resource 
+        Determines what level of information is synced as a distinct resource
         at the destination. Supports `secret-path` and `secret-key`.
         """
         return pulumi.get(self, "granularity")
@@ -383,7 +383,7 @@ def region(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="roleArn")
     def role_arn(self) -> Optional[pulumi.Input[str]]:
         """
-        Specifies a role to assume when connecting to AWS. When assuming a role, 
+        Specifies a role to assume when connecting to AWS. When assuming a role,
         Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
         exist for Vault to be able to assume this role. The role can be in a different account.
         The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -490,7 +490,7 @@ def __init__(__self__,
                The field is mutable with no special condition, but users must be careful that the new value fits with the trust
                relationship condition they set on AWS otherwise sync operations will start to fail due to client-side access
                denied errors. Ignored if the `role_arn` field is empty.
-        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource 
+        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
         :param pulumi.Input[str] name: Unique name of the AWS destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -499,7 +499,7 @@ def __init__(__self__,
         :param pulumi.Input[str] region: Region where to manage the secrets manager entries.
                Can be omitted and directly provided to Vault using the `AWS_REGION` environment
                variable.
-        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role, 
+        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role,
                Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
                exist for Vault to be able to assume this role. The role can be in a different account.
                The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -628,7 +628,7 @@ def get(resource_name: str,
                The field is mutable with no special condition, but users must be careful that the new value fits with the trust
                relationship condition they set on AWS otherwise sync operations will start to fail due to client-side access
                denied errors. Ignored if the `role_arn` field is empty.
-        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource 
+        :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
         :param pulumi.Input[str] name: Unique name of the AWS destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -637,7 +637,7 @@ def get(resource_name: str,
         :param pulumi.Input[str] region: Region where to manage the secrets manager entries.
                Can be omitted and directly provided to Vault using the `AWS_REGION` environment
                variable.
-        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role, 
+        :param pulumi.Input[str] role_arn: Specifies a role to assume when connecting to AWS. When assuming a role,
                Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
                exist for Vault to be able to assume this role. The role can be in a different account.
                The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
@@ -700,7 +700,7 @@ def external_id(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter
     def granularity(self) -> pulumi.Output[Optional[str]]:
         """
-        Determines what level of information is synced as a distinct resource 
+        Determines what level of information is synced as a distinct resource
         at the destination. Supports `secret-path` and `secret-key`.
         """
         return pulumi.get(self, "granularity")
@@ -737,7 +737,7 @@ def region(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="roleArn")
     def role_arn(self) -> pulumi.Output[Optional[str]]:
         """
-        Specifies a role to assume when connecting to AWS. When assuming a role, 
+        Specifies a role to assume when connecting to AWS. When assuming a role,
         Vault uses temporary STS credentials to authenticate. An initial session with the proper trust relationship must
         exist for Vault to be able to assume this role. The role can be in a different account.
         The value is mutable as long as the new role targets the same AWS account ID. If not, the BE will return an error.
diff --git a/sdk/python/pulumi_vault/secrets/sync_gh_destination.py b/sdk/python/pulumi_vault/secrets/sync_gh_destination.py
index 72d5005d7..46fcb8175 100644
--- a/sdk/python/pulumi_vault/secrets/sync_gh_destination.py
+++ b/sdk/python/pulumi_vault/secrets/sync_gh_destination.py
@@ -28,12 +28,11 @@ def __init__(__self__, *,
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
-        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
-               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
                Takes precedence over the `access_token` field.
         :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
-        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
                was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -85,8 +84,7 @@ def access_token(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="appName")
     def app_name(self) -> Optional[pulumi.Input[str]]:
         """
-        The user-defined name of the GitHub App configuration. This is a reference to the name used   
-        on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
         Takes precedence over the `access_token` field.
         """
         return pulumi.get(self, "app_name")
@@ -112,7 +110,7 @@ def granularity(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="installationId")
     def installation_id(self) -> Optional[pulumi.Input[int]]:
         """
-        The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        The ID of the installation generated by GitHub when the app referenced by the `app_name`
         was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         """
         return pulumi.get(self, "installation_id")
@@ -207,12 +205,11 @@ def __init__(__self__, *,
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
-        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
-               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
                Takes precedence over the `access_token` field.
         :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
-        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
                was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -267,8 +264,7 @@ def access_token(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="appName")
     def app_name(self) -> Optional[pulumi.Input[str]]:
         """
-        The user-defined name of the GitHub App configuration. This is a reference to the name used   
-        on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
         Takes precedence over the `access_token` field.
         """
         return pulumi.get(self, "app_name")
@@ -294,7 +290,7 @@ def granularity(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="installationId")
     def installation_id(self) -> Optional[pulumi.Input[int]]:
         """
-        The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        The ID of the installation generated by GitHub when the app referenced by the `app_name`
         was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         """
         return pulumi.get(self, "installation_id")
@@ -426,12 +422,11 @@ def __init__(__self__,
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
-        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
-               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
                Takes precedence over the `access_token` field.
         :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
-        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
                was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -550,12 +545,11 @@ def get(resource_name: str,
         :param pulumi.Input[str] access_token: Fine-grained or personal access token.
                Can be omitted and directly provided to Vault using the `GITHUB_ACCESS_TOKEN` environment
                variable.
-        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name used   
-               on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        :param pulumi.Input[str] app_name: The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
                Takes precedence over the `access_token` field.
         :param pulumi.Input[str] granularity: Determines what level of information is synced as a distinct resource
                at the destination. Supports `secret-path` and `secret-key`.
-        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        :param pulumi.Input[int] installation_id: The ID of the installation generated by GitHub when the app referenced by the `app_name`
                was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         :param pulumi.Input[str] name: Unique name of the GitHub destination.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
@@ -601,8 +595,7 @@ def access_token(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="appName")
     def app_name(self) -> pulumi.Output[Optional[str]]:
         """
-        The user-defined name of the GitHub App configuration. This is a reference to the name used   
-        on the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
+        The user-defined name of the GitHub App configuration. This is a reference to the name usedon the new endpoint when configuring the GitHub app on the Vault Server. Can be modified.
         Takes precedence over the `access_token` field.
         """
         return pulumi.get(self, "app_name")
@@ -620,7 +613,7 @@ def granularity(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="installationId")
     def installation_id(self) -> pulumi.Output[Optional[int]]:
         """
-        The ID of the installation generated by GitHub when the app referenced by the `app_name` 
+        The ID of the installation generated by GitHub when the app referenced by the `app_name`
         was installed in the user’s GitHub account. Can be modified. Necessary if the `app_name` field is also provided.
         """
         return pulumi.get(self, "installation_id")
diff --git a/sdk/python/pulumi_vault/ssh/secret_backend_role.py b/sdk/python/pulumi_vault/ssh/secret_backend_role.py
index 73e14b723..80acfc1a1 100644
--- a/sdk/python/pulumi_vault/ssh/secret_backend_role.py
+++ b/sdk/python/pulumi_vault/ssh/secret_backend_role.py
@@ -57,9 +57,7 @@ def __init__(__self__, *,
         :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
                identity template policies. Non-templated domains are also permitted.
         :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
-        :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define allowed  
-               user key configuration, like key type and their lengths. Can be specified multiple times.
-               *See Configuration-Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
         :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
         :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
         :param pulumi.Input[str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
@@ -277,9 +275,7 @@ def allowed_extensions(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="allowedUserKeyConfigs")
     def allowed_user_key_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]]]:
         """
-        Set of configuration blocks to define allowed  
-        user key configuration, like key type and their lengths. Can be specified multiple times.
-        *See Configuration-Options for more info*
+        Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
         """
         return pulumi.get(self, "allowed_user_key_configs")
 
@@ -489,9 +485,7 @@ def __init__(__self__, *,
         :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
                identity template policies. Non-templated domains are also permitted.
         :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
-        :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define allowed  
-               user key configuration, like key type and their lengths. Can be specified multiple times.
-               *See Configuration-Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
         :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
         :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
         :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted.
@@ -689,9 +683,7 @@ def allowed_extensions(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="allowedUserKeyConfigs")
     def allowed_user_key_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]]]:
         """
-        Set of configuration blocks to define allowed  
-        user key configuration, like key type and their lengths. Can be specified multiple times.
-        *See Configuration-Options for more info*
+        Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
         """
         return pulumi.get(self, "allowed_user_key_configs")
 
@@ -961,9 +953,7 @@ def __init__(__self__,
         :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
                identity template policies. Non-templated domains are also permitted.
         :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]] allowed_user_key_configs: Set of configuration blocks to define allowed  
-               user key configuration, like key type and their lengths. Can be specified multiple times.
-               *See Configuration-Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]] allowed_user_key_configs: Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
         :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
         :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
         :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted.
@@ -1156,9 +1146,7 @@ def get(resource_name: str,
         :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
                identity template policies. Non-templated domains are also permitted.
         :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
-        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]] allowed_user_key_configs: Set of configuration blocks to define allowed  
-               user key configuration, like key type and their lengths. Can be specified multiple times.
-               *See Configuration-Options for more info*
+        :param pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]] allowed_user_key_configs: Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
         :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
         :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
         :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted.
@@ -1295,9 +1283,7 @@ def allowed_extensions(self) -> pulumi.Output[Optional[str]]:
     @pulumi.getter(name="allowedUserKeyConfigs")
     def allowed_user_key_configs(self) -> pulumi.Output[Optional[Sequence['outputs.SecretBackendRoleAllowedUserKeyConfig']]]:
         """
-        Set of configuration blocks to define allowed  
-        user key configuration, like key type and their lengths. Can be specified multiple times.
-        *See Configuration-Options for more info*
+        Set of configuration blocks to define alloweduser key configuration, like key type and their lengths. Can be specified multiple times.*See Configuration-Options for more info*
         """
         return pulumi.get(self, "allowed_user_key_configs")
 
diff --git a/sdk/python/pulumi_vault/terraformcloud/secret_creds.py b/sdk/python/pulumi_vault/terraformcloud/secret_creds.py
index 90b493323..1ff06f379 100644
--- a/sdk/python/pulumi_vault/terraformcloud/secret_creds.py
+++ b/sdk/python/pulumi_vault/terraformcloud/secret_creds.py
@@ -80,7 +80,7 @@ def __init__(__self__, *,
                  token_id: Optional[pulumi.Input[str]] = None):
         """
         Input properties used for looking up and filtering SecretCreds resources.
-        :param pulumi.Input[str] lease_id: The lease associated with the token. Only user tokens will have a 
+        :param pulumi.Input[str] lease_id: The lease associated with the token. Only user tokens will have a
                Vault lease associated with them.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -91,7 +91,7 @@ def __init__(__self__, *,
         :param pulumi.Input[str] team_id: The team id associated with the token provided.
         :param pulumi.Input[str] token: The actual token that was generated and can be used with API calls
                to identify the user of the call.
-        :param pulumi.Input[str] token_id: The public identifier for a specific token. It can be used 
+        :param pulumi.Input[str] token_id: The public identifier for a specific token. It can be used
                to look up information about a token or to revoke a token.
         """
         if backend is not None:
@@ -124,7 +124,7 @@ def backend(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="leaseId")
     def lease_id(self) -> Optional[pulumi.Input[str]]:
         """
-        The lease associated with the token. Only user tokens will have a 
+        The lease associated with the token. Only user tokens will have a
         Vault lease associated with them.
         """
         return pulumi.get(self, "lease_id")
@@ -201,7 +201,7 @@ def token(self, value: Optional[pulumi.Input[str]]):
     @pulumi.getter(name="tokenId")
     def token_id(self) -> Optional[pulumi.Input[str]]:
         """
-        The public identifier for a specific token. It can be used 
+        The public identifier for a specific token. It can be used
         to look up information about a token or to revoke a token.
         """
         return pulumi.get(self, "token_id")
@@ -342,7 +342,7 @@ def get(resource_name: str,
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] lease_id: The lease associated with the token. Only user tokens will have a 
+        :param pulumi.Input[str] lease_id: The lease associated with the token. Only user tokens will have a
                Vault lease associated with them.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
@@ -353,7 +353,7 @@ def get(resource_name: str,
         :param pulumi.Input[str] team_id: The team id associated with the token provided.
         :param pulumi.Input[str] token: The actual token that was generated and can be used with API calls
                to identify the user of the call.
-        :param pulumi.Input[str] token_id: The public identifier for a specific token. It can be used 
+        :param pulumi.Input[str] token_id: The public identifier for a specific token. It can be used
                to look up information about a token or to revoke a token.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -379,7 +379,7 @@ def backend(self) -> pulumi.Output[str]:
     @pulumi.getter(name="leaseId")
     def lease_id(self) -> pulumi.Output[str]:
         """
-        The lease associated with the token. Only user tokens will have a 
+        The lease associated with the token. Only user tokens will have a
         Vault lease associated with them.
         """
         return pulumi.get(self, "lease_id")
@@ -432,7 +432,7 @@ def token(self) -> pulumi.Output[str]:
     @pulumi.getter(name="tokenId")
     def token_id(self) -> pulumi.Output[str]:
         """
-        The public identifier for a specific token. It can be used 
+        The public identifier for a specific token. It can be used
         to look up information about a token or to revoke a token.
         """
         return pulumi.get(self, "token_id")
diff --git a/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py b/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py
index c4795f156..f16288492 100644
--- a/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py
+++ b/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py
@@ -47,8 +47,6 @@ def __init__(__self__, *,
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens.
         :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-               
-               > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
         :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
         :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
@@ -202,8 +200,6 @@ def orphan(self, value: Optional[pulumi.Input[bool]]):
     def path_suffix(self) -> Optional[pulumi.Input[str]]:
         """
         Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-
-        > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
         """
         return pulumi.get(self, "path_suffix")
 
@@ -367,8 +363,6 @@ def __init__(__self__, *,
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens.
         :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-               
-               > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
         :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
         :param pulumi.Input[str] role_name: The name of the role.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
@@ -512,8 +506,6 @@ def orphan(self, value: Optional[pulumi.Input[bool]]):
     def path_suffix(self) -> Optional[pulumi.Input[str]]:
         """
         Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-
-        > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
         """
         return pulumi.get(self, "path_suffix")
 
@@ -726,8 +718,6 @@ def __init__(__self__,
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens.
         :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-               
-               > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
         :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
         :param pulumi.Input[str] role_name: The name of the role.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
@@ -891,8 +881,6 @@ def get(resource_name: str,
                *Available only for Vault Enterprise*.
         :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens.
         :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-               
-               > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
         :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
         :param pulumi.Input[str] role_name: The name of the role.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
@@ -994,8 +982,6 @@ def orphan(self) -> pulumi.Output[Optional[bool]]:
     def path_suffix(self) -> pulumi.Output[Optional[str]]:
         """
         Tokens created against this role will have the given suffix as part of their path in addition to the role name.
-
-        > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.
         """
         return pulumi.get(self, "path_suffix")
 
diff --git a/sdk/python/pulumi_vault/transform/template.py b/sdk/python/pulumi_vault/transform/template.py
index f7160d90a..51478cb60 100644
--- a/sdk/python/pulumi_vault/transform/template.py
+++ b/sdk/python/pulumi_vault/transform/template.py
@@ -322,7 +322,7 @@ def __init__(__self__,
         It creates or updates a template with the given name. If a template with the name does not exist,
         it will be created. If the template exists, it will be updated with the new attributes.
 
-        > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_.
+        > Requires *Vault Enterprise with the Advanced Data Protection Transform Module*.
         See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform)
         for more information.
 
@@ -385,7 +385,7 @@ def __init__(__self__,
         It creates or updates a template with the given name. If a template with the name does not exist,
         it will be created. If the template exists, it will be updated with the new attributes.
 
-        > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_.
+        > Requires *Vault Enterprise with the Advanced Data Protection Transform Module*.
         See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform)
         for more information.