1. Packages
  2. Pulumi Vault Provider
  3. API Docs
  4. database
  5. SecretsMount
HashiCorp Vault v6.4.0 published on Wednesday, Nov 20, 2024 by Pulumi

vault.database.SecretsMount

Explore with Pulumi AI

vault logo
HashiCorp Vault v6.4.0 published on Wednesday, Nov 20, 2024 by Pulumi

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as vault from "@pulumi/vault";
    
    const db = new vault.database.SecretsMount("db", {
        path: "db",
        mssqls: [{
            name: "db1",
            username: "sa",
            password: "super_secret_1",
            connectionUrl: "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
            allowedRoles: ["dev1"],
        }],
        postgresqls: [{
            name: "db2",
            username: "postgres",
            password: "super_secret_2",
            connectionUrl: "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
            verifyConnection: true,
            allowedRoles: ["dev2"],
        }],
    });
    const dev1 = new vault.database.SecretBackendRole("dev1", {
        name: "dev1",
        backend: db.path,
        dbName: db.mssqls.apply(mssqls => mssqls?.[0]?.name),
        creationStatements: [
            "CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
            "CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
            "GRANT SELECT ON SCHEMA::dbo TO [{{name}}];",
        ],
    });
    const dev2 = new vault.database.SecretBackendRole("dev2", {
        name: "dev2",
        backend: db.path,
        dbName: db.postgresqls.apply(postgresqls => postgresqls?.[0]?.name),
        creationStatements: [
            "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
            "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";",
        ],
    });
    
    import pulumi
    import pulumi_vault as vault
    
    db = vault.database.SecretsMount("db",
        path="db",
        mssqls=[{
            "name": "db1",
            "username": "sa",
            "password": "super_secret_1",
            "connection_url": "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
            "allowed_roles": ["dev1"],
        }],
        postgresqls=[{
            "name": "db2",
            "username": "postgres",
            "password": "super_secret_2",
            "connection_url": "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
            "verify_connection": True,
            "allowed_roles": ["dev2"],
        }])
    dev1 = vault.database.SecretBackendRole("dev1",
        name="dev1",
        backend=db.path,
        db_name=db.mssqls[0].name,
        creation_statements=[
            "CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
            "CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
            "GRANT SELECT ON SCHEMA::dbo TO [{{name}}];",
        ])
    dev2 = vault.database.SecretBackendRole("dev2",
        name="dev2",
        backend=db.path,
        db_name=db.postgresqls[0].name,
        creation_statements=[
            "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
            "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";",
        ])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/database"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		db, err := database.NewSecretsMount(ctx, "db", &database.SecretsMountArgs{
    			Path: pulumi.String("db"),
    			Mssqls: database.SecretsMountMssqlArray{
    				&database.SecretsMountMssqlArgs{
    					Name:          pulumi.String("db1"),
    					Username:      pulumi.String("sa"),
    					Password:      pulumi.String("super_secret_1"),
    					ConnectionUrl: pulumi.String("sqlserver://{{username}}:{{password}}@127.0.0.1:1433"),
    					AllowedRoles: pulumi.StringArray{
    						pulumi.String("dev1"),
    					},
    				},
    			},
    			Postgresqls: database.SecretsMountPostgresqlArray{
    				&database.SecretsMountPostgresqlArgs{
    					Name:             pulumi.String("db2"),
    					Username:         pulumi.String("postgres"),
    					Password:         pulumi.String("super_secret_2"),
    					ConnectionUrl:    pulumi.String("postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres"),
    					VerifyConnection: pulumi.Bool(true),
    					AllowedRoles: pulumi.StringArray{
    						pulumi.String("dev2"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = database.NewSecretBackendRole(ctx, "dev1", &database.SecretBackendRoleArgs{
    			Name:    pulumi.String("dev1"),
    			Backend: db.Path,
    			DbName: pulumi.String(db.Mssqls.ApplyT(func(mssqls []database.SecretsMountMssql) (*string, error) {
    				return &mssqls[0].Name, nil
    			}).(pulumi.StringPtrOutput)),
    			CreationStatements: pulumi.StringArray{
    				pulumi.String("CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';"),
    				pulumi.String("CREATE USER [{{name}}] FOR LOGIN [{{name}}];"),
    				pulumi.String("GRANT SELECT ON SCHEMA::dbo TO [{{name}}];"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = database.NewSecretBackendRole(ctx, "dev2", &database.SecretBackendRoleArgs{
    			Name:    pulumi.String("dev2"),
    			Backend: db.Path,
    			DbName: pulumi.String(db.Postgresqls.ApplyT(func(postgresqls []database.SecretsMountPostgresql) (*string, error) {
    				return &postgresqls[0].Name, nil
    			}).(pulumi.StringPtrOutput)),
    			CreationStatements: pulumi.StringArray{
    				pulumi.String("CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';"),
    				pulumi.String("GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Vault = Pulumi.Vault;
    
    return await Deployment.RunAsync(() => 
    {
        var db = new Vault.Database.SecretsMount("db", new()
        {
            Path = "db",
            Mssqls = new[]
            {
                new Vault.Database.Inputs.SecretsMountMssqlArgs
                {
                    Name = "db1",
                    Username = "sa",
                    Password = "super_secret_1",
                    ConnectionUrl = "sqlserver://{{username}}:{{password}}@127.0.0.1:1433",
                    AllowedRoles = new[]
                    {
                        "dev1",
                    },
                },
            },
            Postgresqls = new[]
            {
                new Vault.Database.Inputs.SecretsMountPostgresqlArgs
                {
                    Name = "db2",
                    Username = "postgres",
                    Password = "super_secret_2",
                    ConnectionUrl = "postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres",
                    VerifyConnection = true,
                    AllowedRoles = new[]
                    {
                        "dev2",
                    },
                },
            },
        });
    
        var dev1 = new Vault.Database.SecretBackendRole("dev1", new()
        {
            Name = "dev1",
            Backend = db.Path,
            DbName = db.Mssqls.Apply(mssqls => mssqls[0]?.Name),
            CreationStatements = new[]
            {
                "CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
                "CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
                "GRANT SELECT ON SCHEMA::dbo TO [{{name}}];",
            },
        });
    
        var dev2 = new Vault.Database.SecretBackendRole("dev2", new()
        {
            Name = "dev2",
            Backend = db.Path,
            DbName = db.Postgresqls.Apply(postgresqls => postgresqls[0]?.Name),
            CreationStatements = new[]
            {
                "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
                "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.vault.database.SecretsMount;
    import com.pulumi.vault.database.SecretsMountArgs;
    import com.pulumi.vault.database.inputs.SecretsMountMssqlArgs;
    import com.pulumi.vault.database.inputs.SecretsMountPostgresqlArgs;
    import com.pulumi.vault.database.SecretBackendRole;
    import com.pulumi.vault.database.SecretBackendRoleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var db = new SecretsMount("db", SecretsMountArgs.builder()
                .path("db")
                .mssqls(SecretsMountMssqlArgs.builder()
                    .name("db1")
                    .username("sa")
                    .password("super_secret_1")
                    .connectionUrl("sqlserver://{{username}}:{{password}}@127.0.0.1:1433")
                    .allowedRoles("dev1")
                    .build())
                .postgresqls(SecretsMountPostgresqlArgs.builder()
                    .name("db2")
                    .username("postgres")
                    .password("super_secret_2")
                    .connectionUrl("postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres")
                    .verifyConnection(true)
                    .allowedRoles("dev2")
                    .build())
                .build());
    
            var dev1 = new SecretBackendRole("dev1", SecretBackendRoleArgs.builder()
                .name("dev1")
                .backend(db.path())
                .dbName(db.mssqls().applyValue(mssqls -> mssqls[0].name()))
                .creationStatements(            
                    "CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';",
                    "CREATE USER [{{name}}] FOR LOGIN [{{name}}];",
                    "GRANT SELECT ON SCHEMA::dbo TO [{{name}}];")
                .build());
    
            var dev2 = new SecretBackendRole("dev2", SecretBackendRoleArgs.builder()
                .name("dev2")
                .backend(db.path())
                .dbName(db.postgresqls().applyValue(postgresqls -> postgresqls[0].name()))
                .creationStatements(            
                    "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
                    "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";")
                .build());
    
        }
    }
    
    resources:
      db:
        type: vault:database:SecretsMount
        properties:
          path: db
          mssqls:
            - name: db1
              username: sa
              password: super_secret_1
              connectionUrl: sqlserver://{{username}}:{{password}}@127.0.0.1:1433
              allowedRoles:
                - dev1
          postgresqls:
            - name: db2
              username: postgres
              password: super_secret_2
              connectionUrl: postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres
              verifyConnection: true
              allowedRoles:
                - dev2
      dev1:
        type: vault:database:SecretBackendRole
        properties:
          name: dev1
          backend: ${db.path}
          dbName: ${db.mssqls[0].name}
          creationStatements:
            - CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';
            - CREATE USER [{{name}}] FOR LOGIN [{{name}}];
            - GRANT SELECT ON SCHEMA::dbo TO [{{name}}];
      dev2:
        type: vault:database:SecretBackendRole
        properties:
          name: dev2
          backend: ${db.path}
          dbName: ${db.postgresqls[0].name}
          creationStatements:
            - CREATE ROLE "{{name}}" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';
            - GRANT SELECT ON ALL TABLES IN SCHEMA public TO "{{name}}";
    

    Create SecretsMount Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecretsMount(name: string, args: SecretsMountArgs, opts?: CustomResourceOptions);
    @overload
    def SecretsMount(resource_name: str,
                     args: SecretsMountArgs,
                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecretsMount(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     path: Optional[str] = None,
                     mongodbs: Optional[Sequence[SecretsMountMongodbArgs]] = None,
                     cassandras: Optional[Sequence[SecretsMountCassandraArgs]] = None,
                     audit_non_hmac_response_keys: Optional[Sequence[str]] = None,
                     allowed_managed_keys: Optional[Sequence[str]] = None,
                     couchbases: Optional[Sequence[SecretsMountCouchbaseArgs]] = None,
                     mssqls: Optional[Sequence[SecretsMountMssqlArgs]] = None,
                     delegated_auth_accessors: Optional[Sequence[str]] = None,
                     description: Optional[str] = None,
                     elasticsearches: Optional[Sequence[SecretsMountElasticsearchArgs]] = None,
                     external_entropy_access: Optional[bool] = None,
                     hanas: Optional[Sequence[SecretsMountHanaArgs]] = None,
                     identity_token_key: Optional[str] = None,
                     influxdbs: Optional[Sequence[SecretsMountInfluxdbArgs]] = None,
                     listing_visibility: Optional[str] = None,
                     local: Optional[bool] = None,
                     max_lease_ttl_seconds: Optional[int] = None,
                     seal_wrap: Optional[bool] = None,
                     audit_non_hmac_request_keys: Optional[Sequence[str]] = None,
                     default_lease_ttl_seconds: Optional[int] = None,
                     mysql_auroras: Optional[Sequence[SecretsMountMysqlAuroraArgs]] = None,
                     mysql_legacies: Optional[Sequence[SecretsMountMysqlLegacyArgs]] = None,
                     mysql_rds: Optional[Sequence[SecretsMountMysqlRdArgs]] = None,
                     mysqls: Optional[Sequence[SecretsMountMysqlArgs]] = None,
                     namespace: Optional[str] = None,
                     options: Optional[Mapping[str, str]] = None,
                     oracles: Optional[Sequence[SecretsMountOracleArgs]] = None,
                     passthrough_request_headers: Optional[Sequence[str]] = None,
                     allowed_response_headers: Optional[Sequence[str]] = None,
                     plugin_version: Optional[str] = None,
                     postgresqls: Optional[Sequence[SecretsMountPostgresqlArgs]] = None,
                     redis: Optional[Sequence[SecretsMountRediArgs]] = None,
                     redis_elasticaches: Optional[Sequence[SecretsMountRedisElasticachArgs]] = None,
                     redshifts: Optional[Sequence[SecretsMountRedshiftArgs]] = None,
                     mongodbatlas: Optional[Sequence[SecretsMountMongodbatlaArgs]] = None,
                     snowflakes: Optional[Sequence[SecretsMountSnowflakeArgs]] = None)
    func NewSecretsMount(ctx *Context, name string, args SecretsMountArgs, opts ...ResourceOption) (*SecretsMount, error)
    public SecretsMount(string name, SecretsMountArgs args, CustomResourceOptions? opts = null)
    public SecretsMount(String name, SecretsMountArgs args)
    public SecretsMount(String name, SecretsMountArgs args, CustomResourceOptions options)
    
    type: vault:database:SecretsMount
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecretsMountArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecretsMountArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecretsMountArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecretsMountArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecretsMountArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var secretsMountResource = new Vault.Database.SecretsMount("secretsMountResource", new()
    {
        Path = "string",
        Mongodbs = new[]
        {
            new Vault.Database.Inputs.SecretsMountMongodbArgs
            {
                Name = "string",
                MaxConnectionLifetime = 0,
                Data = 
                {
                    { "string", "string" },
                },
                AllowedRoles = new[]
                {
                    "string",
                },
                MaxIdleConnections = 0,
                MaxOpenConnections = 0,
                ConnectionUrl = "string",
                Password = "string",
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        Cassandras = new[]
        {
            new Vault.Database.Inputs.SecretsMountCassandraArgs
            {
                Name = "string",
                PemJson = "string",
                PemBundle = "string",
                Hosts = new[]
                {
                    "string",
                },
                InsecureTls = false,
                PluginName = "string",
                Password = "string",
                Data = 
                {
                    { "string", "string" },
                },
                AllowedRoles = new[]
                {
                    "string",
                },
                ConnectTimeout = 0,
                Port = 0,
                ProtocolVersion = 0,
                RootRotationStatements = new[]
                {
                    "string",
                },
                SkipVerification = false,
                Tls = false,
                Username = "string",
                VerifyConnection = false,
            },
        },
        AuditNonHmacResponseKeys = new[]
        {
            "string",
        },
        AllowedManagedKeys = new[]
        {
            "string",
        },
        Couchbases = new[]
        {
            new Vault.Database.Inputs.SecretsMountCouchbaseArgs
            {
                Hosts = new[]
                {
                    "string",
                },
                Username = "string",
                Password = "string",
                Name = "string",
                Data = 
                {
                    { "string", "string" },
                },
                InsecureTls = false,
                AllowedRoles = new[]
                {
                    "string",
                },
                BucketName = "string",
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                Tls = false,
                Base64Pem = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        Mssqls = new[]
        {
            new Vault.Database.Inputs.SecretsMountMssqlArgs
            {
                Name = "string",
                MaxIdleConnections = 0,
                ConnectionUrl = "string",
                Data = 
                {
                    { "string", "string" },
                },
                DisableEscaping = false,
                MaxConnectionLifetime = 0,
                AllowedRoles = new[]
                {
                    "string",
                },
                MaxOpenConnections = 0,
                ContainedDb = false,
                Password = "string",
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        DelegatedAuthAccessors = new[]
        {
            "string",
        },
        Description = "string",
        Elasticsearches = new[]
        {
            new Vault.Database.Inputs.SecretsMountElasticsearchArgs
            {
                Url = "string",
                Password = "string",
                Username = "string",
                Name = "string",
                Insecure = false,
                Data = 
                {
                    { "string", "string" },
                },
                CaCert = "string",
                ClientCert = "string",
                ClientKey = "string",
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                TlsServerName = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                CaPath = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        ExternalEntropyAccess = false,
        Hanas = new[]
        {
            new Vault.Database.Inputs.SecretsMountHanaArgs
            {
                Name = "string",
                MaxOpenConnections = 0,
                Data = 
                {
                    { "string", "string" },
                },
                DisableEscaping = false,
                MaxConnectionLifetime = 0,
                MaxIdleConnections = 0,
                AllowedRoles = new[]
                {
                    "string",
                },
                ConnectionUrl = "string",
                Password = "string",
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                Username = "string",
                VerifyConnection = false,
            },
        },
        IdentityTokenKey = "string",
        Influxdbs = new[]
        {
            new Vault.Database.Inputs.SecretsMountInfluxdbArgs
            {
                Name = "string",
                Username = "string",
                Password = "string",
                Host = "string",
                PemJson = "string",
                InsecureTls = false,
                Data = 
                {
                    { "string", "string" },
                },
                PemBundle = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                PluginName = "string",
                Port = 0,
                RootRotationStatements = new[]
                {
                    "string",
                },
                Tls = false,
                ConnectTimeout = 0,
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        ListingVisibility = "string",
        Local = false,
        MaxLeaseTtlSeconds = 0,
        SealWrap = false,
        AuditNonHmacRequestKeys = new[]
        {
            "string",
        },
        DefaultLeaseTtlSeconds = 0,
        MysqlAuroras = new[]
        {
            new Vault.Database.Inputs.SecretsMountMysqlAuroraArgs
            {
                Name = "string",
                Password = "string",
                AuthType = "string",
                Data = 
                {
                    { "string", "string" },
                },
                MaxConnectionLifetime = 0,
                PluginName = "string",
                MaxOpenConnections = 0,
                ConnectionUrl = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                MaxIdleConnections = 0,
                RootRotationStatements = new[]
                {
                    "string",
                },
                ServiceAccountJson = "string",
                TlsCa = "string",
                TlsCertificateKey = "string",
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        MysqlLegacies = new[]
        {
            new Vault.Database.Inputs.SecretsMountMysqlLegacyArgs
            {
                Name = "string",
                Password = "string",
                AuthType = "string",
                Data = 
                {
                    { "string", "string" },
                },
                MaxConnectionLifetime = 0,
                PluginName = "string",
                MaxOpenConnections = 0,
                ConnectionUrl = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                MaxIdleConnections = 0,
                RootRotationStatements = new[]
                {
                    "string",
                },
                ServiceAccountJson = "string",
                TlsCa = "string",
                TlsCertificateKey = "string",
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        MysqlRds = new[]
        {
            new Vault.Database.Inputs.SecretsMountMysqlRdArgs
            {
                Name = "string",
                Password = "string",
                AuthType = "string",
                Data = 
                {
                    { "string", "string" },
                },
                MaxConnectionLifetime = 0,
                PluginName = "string",
                MaxOpenConnections = 0,
                ConnectionUrl = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                MaxIdleConnections = 0,
                RootRotationStatements = new[]
                {
                    "string",
                },
                ServiceAccountJson = "string",
                TlsCa = "string",
                TlsCertificateKey = "string",
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        Mysqls = new[]
        {
            new Vault.Database.Inputs.SecretsMountMysqlArgs
            {
                Name = "string",
                Password = "string",
                AuthType = "string",
                Data = 
                {
                    { "string", "string" },
                },
                MaxConnectionLifetime = 0,
                PluginName = "string",
                MaxOpenConnections = 0,
                ConnectionUrl = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                MaxIdleConnections = 0,
                RootRotationStatements = new[]
                {
                    "string",
                },
                ServiceAccountJson = "string",
                TlsCa = "string",
                TlsCertificateKey = "string",
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        Namespace = "string",
        Options = 
        {
            { "string", "string" },
        },
        Oracles = new[]
        {
            new Vault.Database.Inputs.SecretsMountOracleArgs
            {
                Name = "string",
                MaxOpenConnections = 0,
                Password = "string",
                DisconnectSessions = false,
                MaxConnectionLifetime = 0,
                MaxIdleConnections = 0,
                AllowedRoles = new[]
                {
                    "string",
                },
                ConnectionUrl = "string",
                Data = 
                {
                    { "string", "string" },
                },
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                SplitStatements = false,
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        PassthroughRequestHeaders = new[]
        {
            "string",
        },
        AllowedResponseHeaders = new[]
        {
            "string",
        },
        PluginVersion = "string",
        Postgresqls = new[]
        {
            new Vault.Database.Inputs.SecretsMountPostgresqlArgs
            {
                Name = "string",
                PluginName = "string",
                VerifyConnection = false,
                Password = "string",
                DisableEscaping = false,
                MaxConnectionLifetime = 0,
                MaxIdleConnections = 0,
                MaxOpenConnections = 0,
                AuthType = "string",
                Data = 
                {
                    { "string", "string" },
                },
                ConnectionUrl = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                PrivateKey = "string",
                SelfManaged = false,
                ServiceAccountJson = "string",
                TlsCa = "string",
                TlsCertificate = "string",
                Username = "string",
                UsernameTemplate = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
            },
        },
        Redis = new[]
        {
            new Vault.Database.Inputs.SecretsMountRediArgs
            {
                Password = "string",
                Host = "string",
                Name = "string",
                Username = "string",
                CaCert = "string",
                Data = 
                {
                    { "string", "string" },
                },
                InsecureTls = false,
                AllowedRoles = new[]
                {
                    "string",
                },
                PluginName = "string",
                Port = 0,
                RootRotationStatements = new[]
                {
                    "string",
                },
                Tls = false,
                VerifyConnection = false,
            },
        },
        RedisElasticaches = new[]
        {
            new Vault.Database.Inputs.SecretsMountRedisElasticachArgs
            {
                Name = "string",
                Url = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                Data = 
                {
                    { "string", "string" },
                },
                Password = "string",
                PluginName = "string",
                Region = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                Username = "string",
                VerifyConnection = false,
            },
        },
        Redshifts = new[]
        {
            new Vault.Database.Inputs.SecretsMountRedshiftArgs
            {
                Name = "string",
                MaxOpenConnections = 0,
                Data = 
                {
                    { "string", "string" },
                },
                DisableEscaping = false,
                MaxConnectionLifetime = 0,
                MaxIdleConnections = 0,
                AllowedRoles = new[]
                {
                    "string",
                },
                ConnectionUrl = "string",
                Password = "string",
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
        Mongodbatlas = new[]
        {
            new Vault.Database.Inputs.SecretsMountMongodbatlaArgs
            {
                Name = "string",
                PrivateKey = "string",
                ProjectId = "string",
                PublicKey = "string",
                AllowedRoles = new[]
                {
                    "string",
                },
                Data = 
                {
                    { "string", "string" },
                },
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                VerifyConnection = false,
            },
        },
        Snowflakes = new[]
        {
            new Vault.Database.Inputs.SecretsMountSnowflakeArgs
            {
                Name = "string",
                MaxConnectionLifetime = 0,
                Data = 
                {
                    { "string", "string" },
                },
                AllowedRoles = new[]
                {
                    "string",
                },
                MaxIdleConnections = 0,
                MaxOpenConnections = 0,
                ConnectionUrl = "string",
                Password = "string",
                PluginName = "string",
                RootRotationStatements = new[]
                {
                    "string",
                },
                Username = "string",
                UsernameTemplate = "string",
                VerifyConnection = false,
            },
        },
    });
    
    example, err := database.NewSecretsMount(ctx, "secretsMountResource", &database.SecretsMountArgs{
    	Path: pulumi.String("string"),
    	Mongodbs: database.SecretsMountMongodbArray{
    		&database.SecretsMountMongodbArgs{
    			Name:                  pulumi.String("string"),
    			MaxConnectionLifetime: pulumi.Int(0),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			MaxIdleConnections: pulumi.Int(0),
    			MaxOpenConnections: pulumi.Int(0),
    			ConnectionUrl:      pulumi.String("string"),
    			Password:           pulumi.String("string"),
    			PluginName:         pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Username:         pulumi.String("string"),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	Cassandras: database.SecretsMountCassandraArray{
    		&database.SecretsMountCassandraArgs{
    			Name:      pulumi.String("string"),
    			PemJson:   pulumi.String("string"),
    			PemBundle: pulumi.String("string"),
    			Hosts: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			InsecureTls: pulumi.Bool(false),
    			PluginName:  pulumi.String("string"),
    			Password:    pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ConnectTimeout:  pulumi.Int(0),
    			Port:            pulumi.Int(0),
    			ProtocolVersion: pulumi.Int(0),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			SkipVerification: pulumi.Bool(false),
    			Tls:              pulumi.Bool(false),
    			Username:         pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	AuditNonHmacResponseKeys: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	AllowedManagedKeys: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Couchbases: database.SecretsMountCouchbaseArray{
    		&database.SecretsMountCouchbaseArgs{
    			Hosts: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Username: pulumi.String("string"),
    			Password: pulumi.String("string"),
    			Name:     pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			InsecureTls: pulumi.Bool(false),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			BucketName: pulumi.String("string"),
    			PluginName: pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Tls:              pulumi.Bool(false),
    			Base64Pem:        pulumi.String("string"),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	Mssqls: database.SecretsMountMssqlArray{
    		&database.SecretsMountMssqlArgs{
    			Name:               pulumi.String("string"),
    			MaxIdleConnections: pulumi.Int(0),
    			ConnectionUrl:      pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			DisableEscaping:       pulumi.Bool(false),
    			MaxConnectionLifetime: pulumi.Int(0),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			MaxOpenConnections: pulumi.Int(0),
    			ContainedDb:        pulumi.Bool(false),
    			Password:           pulumi.String("string"),
    			PluginName:         pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Username:         pulumi.String("string"),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	DelegatedAuthAccessors: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Description: pulumi.String("string"),
    	Elasticsearches: database.SecretsMountElasticsearchArray{
    		&database.SecretsMountElasticsearchArgs{
    			Url:      pulumi.String("string"),
    			Password: pulumi.String("string"),
    			Username: pulumi.String("string"),
    			Name:     pulumi.String("string"),
    			Insecure: pulumi.Bool(false),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			CaCert:     pulumi.String("string"),
    			ClientCert: pulumi.String("string"),
    			ClientKey:  pulumi.String("string"),
    			PluginName: pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			TlsServerName: pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			CaPath:           pulumi.String("string"),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	ExternalEntropyAccess: pulumi.Bool(false),
    	Hanas: database.SecretsMountHanaArray{
    		&database.SecretsMountHanaArgs{
    			Name:               pulumi.String("string"),
    			MaxOpenConnections: pulumi.Int(0),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			DisableEscaping:       pulumi.Bool(false),
    			MaxConnectionLifetime: pulumi.Int(0),
    			MaxIdleConnections:    pulumi.Int(0),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ConnectionUrl: pulumi.String("string"),
    			Password:      pulumi.String("string"),
    			PluginName:    pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Username:         pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	IdentityTokenKey: pulumi.String("string"),
    	Influxdbs: database.SecretsMountInfluxdbArray{
    		&database.SecretsMountInfluxdbArgs{
    			Name:        pulumi.String("string"),
    			Username:    pulumi.String("string"),
    			Password:    pulumi.String("string"),
    			Host:        pulumi.String("string"),
    			PemJson:     pulumi.String("string"),
    			InsecureTls: pulumi.Bool(false),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			PemBundle: pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			PluginName: pulumi.String("string"),
    			Port:       pulumi.Int(0),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Tls:              pulumi.Bool(false),
    			ConnectTimeout:   pulumi.Int(0),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	ListingVisibility:  pulumi.String("string"),
    	Local:              pulumi.Bool(false),
    	MaxLeaseTtlSeconds: pulumi.Int(0),
    	SealWrap:           pulumi.Bool(false),
    	AuditNonHmacRequestKeys: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	DefaultLeaseTtlSeconds: pulumi.Int(0),
    	MysqlAuroras: database.SecretsMountMysqlAuroraArray{
    		&database.SecretsMountMysqlAuroraArgs{
    			Name:     pulumi.String("string"),
    			Password: pulumi.String("string"),
    			AuthType: pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			MaxConnectionLifetime: pulumi.Int(0),
    			PluginName:            pulumi.String("string"),
    			MaxOpenConnections:    pulumi.Int(0),
    			ConnectionUrl:         pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			MaxIdleConnections: pulumi.Int(0),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ServiceAccountJson: pulumi.String("string"),
    			TlsCa:              pulumi.String("string"),
    			TlsCertificateKey:  pulumi.String("string"),
    			Username:           pulumi.String("string"),
    			UsernameTemplate:   pulumi.String("string"),
    			VerifyConnection:   pulumi.Bool(false),
    		},
    	},
    	MysqlLegacies: database.SecretsMountMysqlLegacyArray{
    		&database.SecretsMountMysqlLegacyArgs{
    			Name:     pulumi.String("string"),
    			Password: pulumi.String("string"),
    			AuthType: pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			MaxConnectionLifetime: pulumi.Int(0),
    			PluginName:            pulumi.String("string"),
    			MaxOpenConnections:    pulumi.Int(0),
    			ConnectionUrl:         pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			MaxIdleConnections: pulumi.Int(0),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ServiceAccountJson: pulumi.String("string"),
    			TlsCa:              pulumi.String("string"),
    			TlsCertificateKey:  pulumi.String("string"),
    			Username:           pulumi.String("string"),
    			UsernameTemplate:   pulumi.String("string"),
    			VerifyConnection:   pulumi.Bool(false),
    		},
    	},
    	MysqlRds: database.SecretsMountMysqlRdArray{
    		&database.SecretsMountMysqlRdArgs{
    			Name:     pulumi.String("string"),
    			Password: pulumi.String("string"),
    			AuthType: pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			MaxConnectionLifetime: pulumi.Int(0),
    			PluginName:            pulumi.String("string"),
    			MaxOpenConnections:    pulumi.Int(0),
    			ConnectionUrl:         pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			MaxIdleConnections: pulumi.Int(0),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ServiceAccountJson: pulumi.String("string"),
    			TlsCa:              pulumi.String("string"),
    			TlsCertificateKey:  pulumi.String("string"),
    			Username:           pulumi.String("string"),
    			UsernameTemplate:   pulumi.String("string"),
    			VerifyConnection:   pulumi.Bool(false),
    		},
    	},
    	Mysqls: database.SecretsMountMysqlArray{
    		&database.SecretsMountMysqlArgs{
    			Name:     pulumi.String("string"),
    			Password: pulumi.String("string"),
    			AuthType: pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			MaxConnectionLifetime: pulumi.Int(0),
    			PluginName:            pulumi.String("string"),
    			MaxOpenConnections:    pulumi.Int(0),
    			ConnectionUrl:         pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			MaxIdleConnections: pulumi.Int(0),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ServiceAccountJson: pulumi.String("string"),
    			TlsCa:              pulumi.String("string"),
    			TlsCertificateKey:  pulumi.String("string"),
    			Username:           pulumi.String("string"),
    			UsernameTemplate:   pulumi.String("string"),
    			VerifyConnection:   pulumi.Bool(false),
    		},
    	},
    	Namespace: pulumi.String("string"),
    	Options: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Oracles: database.SecretsMountOracleArray{
    		&database.SecretsMountOracleArgs{
    			Name:                  pulumi.String("string"),
    			MaxOpenConnections:    pulumi.Int(0),
    			Password:              pulumi.String("string"),
    			DisconnectSessions:    pulumi.Bool(false),
    			MaxConnectionLifetime: pulumi.Int(0),
    			MaxIdleConnections:    pulumi.Int(0),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ConnectionUrl: pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			PluginName: pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			SplitStatements:  pulumi.Bool(false),
    			Username:         pulumi.String("string"),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	PassthroughRequestHeaders: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	AllowedResponseHeaders: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	PluginVersion: pulumi.String("string"),
    	Postgresqls: database.SecretsMountPostgresqlArray{
    		&database.SecretsMountPostgresqlArgs{
    			Name:                  pulumi.String("string"),
    			PluginName:            pulumi.String("string"),
    			VerifyConnection:      pulumi.Bool(false),
    			Password:              pulumi.String("string"),
    			DisableEscaping:       pulumi.Bool(false),
    			MaxConnectionLifetime: pulumi.Int(0),
    			MaxIdleConnections:    pulumi.Int(0),
    			MaxOpenConnections:    pulumi.Int(0),
    			AuthType:              pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			ConnectionUrl: pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			PrivateKey:         pulumi.String("string"),
    			SelfManaged:        pulumi.Bool(false),
    			ServiceAccountJson: pulumi.String("string"),
    			TlsCa:              pulumi.String("string"),
    			TlsCertificate:     pulumi.String("string"),
    			Username:           pulumi.String("string"),
    			UsernameTemplate:   pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	Redis: database.SecretsMountRediArray{
    		&database.SecretsMountRediArgs{
    			Password: pulumi.String("string"),
    			Host:     pulumi.String("string"),
    			Name:     pulumi.String("string"),
    			Username: pulumi.String("string"),
    			CaCert:   pulumi.String("string"),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			InsecureTls: pulumi.Bool(false),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			PluginName: pulumi.String("string"),
    			Port:       pulumi.Int(0),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Tls:              pulumi.Bool(false),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	RedisElasticaches: database.SecretsMountRedisElasticachArray{
    		&database.SecretsMountRedisElasticachArgs{
    			Name: pulumi.String("string"),
    			Url:  pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			Password:   pulumi.String("string"),
    			PluginName: pulumi.String("string"),
    			Region:     pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Username:         pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	Redshifts: database.SecretsMountRedshiftArray{
    		&database.SecretsMountRedshiftArgs{
    			Name:               pulumi.String("string"),
    			MaxOpenConnections: pulumi.Int(0),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			DisableEscaping:       pulumi.Bool(false),
    			MaxConnectionLifetime: pulumi.Int(0),
    			MaxIdleConnections:    pulumi.Int(0),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ConnectionUrl: pulumi.String("string"),
    			Password:      pulumi.String("string"),
    			PluginName:    pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Username:         pulumi.String("string"),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	Mongodbatlas: database.SecretsMountMongodbatlaArray{
    		&database.SecretsMountMongodbatlaArgs{
    			Name:       pulumi.String("string"),
    			PrivateKey: pulumi.String("string"),
    			ProjectId:  pulumi.String("string"),
    			PublicKey:  pulumi.String("string"),
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			PluginName: pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    	Snowflakes: database.SecretsMountSnowflakeArray{
    		&database.SecretsMountSnowflakeArgs{
    			Name:                  pulumi.String("string"),
    			MaxConnectionLifetime: pulumi.Int(0),
    			Data: pulumi.StringMap{
    				"string": pulumi.String("string"),
    			},
    			AllowedRoles: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			MaxIdleConnections: pulumi.Int(0),
    			MaxOpenConnections: pulumi.Int(0),
    			ConnectionUrl:      pulumi.String("string"),
    			Password:           pulumi.String("string"),
    			PluginName:         pulumi.String("string"),
    			RootRotationStatements: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Username:         pulumi.String("string"),
    			UsernameTemplate: pulumi.String("string"),
    			VerifyConnection: pulumi.Bool(false),
    		},
    	},
    })
    
    var secretsMountResource = new SecretsMount("secretsMountResource", SecretsMountArgs.builder()
        .path("string")
        .mongodbs(SecretsMountMongodbArgs.builder()
            .name("string")
            .maxConnectionLifetime(0)
            .data(Map.of("string", "string"))
            .allowedRoles("string")
            .maxIdleConnections(0)
            .maxOpenConnections(0)
            .connectionUrl("string")
            .password("string")
            .pluginName("string")
            .rootRotationStatements("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .cassandras(SecretsMountCassandraArgs.builder()
            .name("string")
            .pemJson("string")
            .pemBundle("string")
            .hosts("string")
            .insecureTls(false)
            .pluginName("string")
            .password("string")
            .data(Map.of("string", "string"))
            .allowedRoles("string")
            .connectTimeout(0)
            .port(0)
            .protocolVersion(0)
            .rootRotationStatements("string")
            .skipVerification(false)
            .tls(false)
            .username("string")
            .verifyConnection(false)
            .build())
        .auditNonHmacResponseKeys("string")
        .allowedManagedKeys("string")
        .couchbases(SecretsMountCouchbaseArgs.builder()
            .hosts("string")
            .username("string")
            .password("string")
            .name("string")
            .data(Map.of("string", "string"))
            .insecureTls(false)
            .allowedRoles("string")
            .bucketName("string")
            .pluginName("string")
            .rootRotationStatements("string")
            .tls(false)
            .base64Pem("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .mssqls(SecretsMountMssqlArgs.builder()
            .name("string")
            .maxIdleConnections(0)
            .connectionUrl("string")
            .data(Map.of("string", "string"))
            .disableEscaping(false)
            .maxConnectionLifetime(0)
            .allowedRoles("string")
            .maxOpenConnections(0)
            .containedDb(false)
            .password("string")
            .pluginName("string")
            .rootRotationStatements("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .delegatedAuthAccessors("string")
        .description("string")
        .elasticsearches(SecretsMountElasticsearchArgs.builder()
            .url("string")
            .password("string")
            .username("string")
            .name("string")
            .insecure(false)
            .data(Map.of("string", "string"))
            .caCert("string")
            .clientCert("string")
            .clientKey("string")
            .pluginName("string")
            .rootRotationStatements("string")
            .tlsServerName("string")
            .allowedRoles("string")
            .caPath("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .externalEntropyAccess(false)
        .hanas(SecretsMountHanaArgs.builder()
            .name("string")
            .maxOpenConnections(0)
            .data(Map.of("string", "string"))
            .disableEscaping(false)
            .maxConnectionLifetime(0)
            .maxIdleConnections(0)
            .allowedRoles("string")
            .connectionUrl("string")
            .password("string")
            .pluginName("string")
            .rootRotationStatements("string")
            .username("string")
            .verifyConnection(false)
            .build())
        .identityTokenKey("string")
        .influxdbs(SecretsMountInfluxdbArgs.builder()
            .name("string")
            .username("string")
            .password("string")
            .host("string")
            .pemJson("string")
            .insecureTls(false)
            .data(Map.of("string", "string"))
            .pemBundle("string")
            .allowedRoles("string")
            .pluginName("string")
            .port(0)
            .rootRotationStatements("string")
            .tls(false)
            .connectTimeout(0)
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .listingVisibility("string")
        .local(false)
        .maxLeaseTtlSeconds(0)
        .sealWrap(false)
        .auditNonHmacRequestKeys("string")
        .defaultLeaseTtlSeconds(0)
        .mysqlAuroras(SecretsMountMysqlAuroraArgs.builder()
            .name("string")
            .password("string")
            .authType("string")
            .data(Map.of("string", "string"))
            .maxConnectionLifetime(0)
            .pluginName("string")
            .maxOpenConnections(0)
            .connectionUrl("string")
            .allowedRoles("string")
            .maxIdleConnections(0)
            .rootRotationStatements("string")
            .serviceAccountJson("string")
            .tlsCa("string")
            .tlsCertificateKey("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .mysqlLegacies(SecretsMountMysqlLegacyArgs.builder()
            .name("string")
            .password("string")
            .authType("string")
            .data(Map.of("string", "string"))
            .maxConnectionLifetime(0)
            .pluginName("string")
            .maxOpenConnections(0)
            .connectionUrl("string")
            .allowedRoles("string")
            .maxIdleConnections(0)
            .rootRotationStatements("string")
            .serviceAccountJson("string")
            .tlsCa("string")
            .tlsCertificateKey("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .mysqlRds(SecretsMountMysqlRdArgs.builder()
            .name("string")
            .password("string")
            .authType("string")
            .data(Map.of("string", "string"))
            .maxConnectionLifetime(0)
            .pluginName("string")
            .maxOpenConnections(0)
            .connectionUrl("string")
            .allowedRoles("string")
            .maxIdleConnections(0)
            .rootRotationStatements("string")
            .serviceAccountJson("string")
            .tlsCa("string")
            .tlsCertificateKey("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .mysqls(SecretsMountMysqlArgs.builder()
            .name("string")
            .password("string")
            .authType("string")
            .data(Map.of("string", "string"))
            .maxConnectionLifetime(0)
            .pluginName("string")
            .maxOpenConnections(0)
            .connectionUrl("string")
            .allowedRoles("string")
            .maxIdleConnections(0)
            .rootRotationStatements("string")
            .serviceAccountJson("string")
            .tlsCa("string")
            .tlsCertificateKey("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .namespace("string")
        .options(Map.of("string", "string"))
        .oracles(SecretsMountOracleArgs.builder()
            .name("string")
            .maxOpenConnections(0)
            .password("string")
            .disconnectSessions(false)
            .maxConnectionLifetime(0)
            .maxIdleConnections(0)
            .allowedRoles("string")
            .connectionUrl("string")
            .data(Map.of("string", "string"))
            .pluginName("string")
            .rootRotationStatements("string")
            .splitStatements(false)
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .passthroughRequestHeaders("string")
        .allowedResponseHeaders("string")
        .pluginVersion("string")
        .postgresqls(SecretsMountPostgresqlArgs.builder()
            .name("string")
            .pluginName("string")
            .verifyConnection(false)
            .password("string")
            .disableEscaping(false)
            .maxConnectionLifetime(0)
            .maxIdleConnections(0)
            .maxOpenConnections(0)
            .authType("string")
            .data(Map.of("string", "string"))
            .connectionUrl("string")
            .rootRotationStatements("string")
            .privateKey("string")
            .selfManaged(false)
            .serviceAccountJson("string")
            .tlsCa("string")
            .tlsCertificate("string")
            .username("string")
            .usernameTemplate("string")
            .allowedRoles("string")
            .build())
        .redis(SecretsMountRediArgs.builder()
            .password("string")
            .host("string")
            .name("string")
            .username("string")
            .caCert("string")
            .data(Map.of("string", "string"))
            .insecureTls(false)
            .allowedRoles("string")
            .pluginName("string")
            .port(0)
            .rootRotationStatements("string")
            .tls(false)
            .verifyConnection(false)
            .build())
        .redisElasticaches(SecretsMountRedisElasticachArgs.builder()
            .name("string")
            .url("string")
            .allowedRoles("string")
            .data(Map.of("string", "string"))
            .password("string")
            .pluginName("string")
            .region("string")
            .rootRotationStatements("string")
            .username("string")
            .verifyConnection(false)
            .build())
        .redshifts(SecretsMountRedshiftArgs.builder()
            .name("string")
            .maxOpenConnections(0)
            .data(Map.of("string", "string"))
            .disableEscaping(false)
            .maxConnectionLifetime(0)
            .maxIdleConnections(0)
            .allowedRoles("string")
            .connectionUrl("string")
            .password("string")
            .pluginName("string")
            .rootRotationStatements("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .mongodbatlas(SecretsMountMongodbatlaArgs.builder()
            .name("string")
            .privateKey("string")
            .projectId("string")
            .publicKey("string")
            .allowedRoles("string")
            .data(Map.of("string", "string"))
            .pluginName("string")
            .rootRotationStatements("string")
            .verifyConnection(false)
            .build())
        .snowflakes(SecretsMountSnowflakeArgs.builder()
            .name("string")
            .maxConnectionLifetime(0)
            .data(Map.of("string", "string"))
            .allowedRoles("string")
            .maxIdleConnections(0)
            .maxOpenConnections(0)
            .connectionUrl("string")
            .password("string")
            .pluginName("string")
            .rootRotationStatements("string")
            .username("string")
            .usernameTemplate("string")
            .verifyConnection(false)
            .build())
        .build());
    
    secrets_mount_resource = vault.database.SecretsMount("secretsMountResource",
        path="string",
        mongodbs=[{
            "name": "string",
            "max_connection_lifetime": 0,
            "data": {
                "string": "string",
            },
            "allowed_roles": ["string"],
            "max_idle_connections": 0,
            "max_open_connections": 0,
            "connection_url": "string",
            "password": "string",
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        cassandras=[{
            "name": "string",
            "pem_json": "string",
            "pem_bundle": "string",
            "hosts": ["string"],
            "insecure_tls": False,
            "plugin_name": "string",
            "password": "string",
            "data": {
                "string": "string",
            },
            "allowed_roles": ["string"],
            "connect_timeout": 0,
            "port": 0,
            "protocol_version": 0,
            "root_rotation_statements": ["string"],
            "skip_verification": False,
            "tls": False,
            "username": "string",
            "verify_connection": False,
        }],
        audit_non_hmac_response_keys=["string"],
        allowed_managed_keys=["string"],
        couchbases=[{
            "hosts": ["string"],
            "username": "string",
            "password": "string",
            "name": "string",
            "data": {
                "string": "string",
            },
            "insecure_tls": False,
            "allowed_roles": ["string"],
            "bucket_name": "string",
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "tls": False,
            "base64_pem": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        mssqls=[{
            "name": "string",
            "max_idle_connections": 0,
            "connection_url": "string",
            "data": {
                "string": "string",
            },
            "disable_escaping": False,
            "max_connection_lifetime": 0,
            "allowed_roles": ["string"],
            "max_open_connections": 0,
            "contained_db": False,
            "password": "string",
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        delegated_auth_accessors=["string"],
        description="string",
        elasticsearches=[{
            "url": "string",
            "password": "string",
            "username": "string",
            "name": "string",
            "insecure": False,
            "data": {
                "string": "string",
            },
            "ca_cert": "string",
            "client_cert": "string",
            "client_key": "string",
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "tls_server_name": "string",
            "allowed_roles": ["string"],
            "ca_path": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        external_entropy_access=False,
        hanas=[{
            "name": "string",
            "max_open_connections": 0,
            "data": {
                "string": "string",
            },
            "disable_escaping": False,
            "max_connection_lifetime": 0,
            "max_idle_connections": 0,
            "allowed_roles": ["string"],
            "connection_url": "string",
            "password": "string",
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "username": "string",
            "verify_connection": False,
        }],
        identity_token_key="string",
        influxdbs=[{
            "name": "string",
            "username": "string",
            "password": "string",
            "host": "string",
            "pem_json": "string",
            "insecure_tls": False,
            "data": {
                "string": "string",
            },
            "pem_bundle": "string",
            "allowed_roles": ["string"],
            "plugin_name": "string",
            "port": 0,
            "root_rotation_statements": ["string"],
            "tls": False,
            "connect_timeout": 0,
            "username_template": "string",
            "verify_connection": False,
        }],
        listing_visibility="string",
        local=False,
        max_lease_ttl_seconds=0,
        seal_wrap=False,
        audit_non_hmac_request_keys=["string"],
        default_lease_ttl_seconds=0,
        mysql_auroras=[{
            "name": "string",
            "password": "string",
            "auth_type": "string",
            "data": {
                "string": "string",
            },
            "max_connection_lifetime": 0,
            "plugin_name": "string",
            "max_open_connections": 0,
            "connection_url": "string",
            "allowed_roles": ["string"],
            "max_idle_connections": 0,
            "root_rotation_statements": ["string"],
            "service_account_json": "string",
            "tls_ca": "string",
            "tls_certificate_key": "string",
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        mysql_legacies=[{
            "name": "string",
            "password": "string",
            "auth_type": "string",
            "data": {
                "string": "string",
            },
            "max_connection_lifetime": 0,
            "plugin_name": "string",
            "max_open_connections": 0,
            "connection_url": "string",
            "allowed_roles": ["string"],
            "max_idle_connections": 0,
            "root_rotation_statements": ["string"],
            "service_account_json": "string",
            "tls_ca": "string",
            "tls_certificate_key": "string",
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        mysql_rds=[{
            "name": "string",
            "password": "string",
            "auth_type": "string",
            "data": {
                "string": "string",
            },
            "max_connection_lifetime": 0,
            "plugin_name": "string",
            "max_open_connections": 0,
            "connection_url": "string",
            "allowed_roles": ["string"],
            "max_idle_connections": 0,
            "root_rotation_statements": ["string"],
            "service_account_json": "string",
            "tls_ca": "string",
            "tls_certificate_key": "string",
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        mysqls=[{
            "name": "string",
            "password": "string",
            "auth_type": "string",
            "data": {
                "string": "string",
            },
            "max_connection_lifetime": 0,
            "plugin_name": "string",
            "max_open_connections": 0,
            "connection_url": "string",
            "allowed_roles": ["string"],
            "max_idle_connections": 0,
            "root_rotation_statements": ["string"],
            "service_account_json": "string",
            "tls_ca": "string",
            "tls_certificate_key": "string",
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        namespace="string",
        options={
            "string": "string",
        },
        oracles=[{
            "name": "string",
            "max_open_connections": 0,
            "password": "string",
            "disconnect_sessions": False,
            "max_connection_lifetime": 0,
            "max_idle_connections": 0,
            "allowed_roles": ["string"],
            "connection_url": "string",
            "data": {
                "string": "string",
            },
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "split_statements": False,
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        passthrough_request_headers=["string"],
        allowed_response_headers=["string"],
        plugin_version="string",
        postgresqls=[{
            "name": "string",
            "plugin_name": "string",
            "verify_connection": False,
            "password": "string",
            "disable_escaping": False,
            "max_connection_lifetime": 0,
            "max_idle_connections": 0,
            "max_open_connections": 0,
            "auth_type": "string",
            "data": {
                "string": "string",
            },
            "connection_url": "string",
            "root_rotation_statements": ["string"],
            "private_key": "string",
            "self_managed": False,
            "service_account_json": "string",
            "tls_ca": "string",
            "tls_certificate": "string",
            "username": "string",
            "username_template": "string",
            "allowed_roles": ["string"],
        }],
        redis=[{
            "password": "string",
            "host": "string",
            "name": "string",
            "username": "string",
            "ca_cert": "string",
            "data": {
                "string": "string",
            },
            "insecure_tls": False,
            "allowed_roles": ["string"],
            "plugin_name": "string",
            "port": 0,
            "root_rotation_statements": ["string"],
            "tls": False,
            "verify_connection": False,
        }],
        redis_elasticaches=[{
            "name": "string",
            "url": "string",
            "allowed_roles": ["string"],
            "data": {
                "string": "string",
            },
            "password": "string",
            "plugin_name": "string",
            "region": "string",
            "root_rotation_statements": ["string"],
            "username": "string",
            "verify_connection": False,
        }],
        redshifts=[{
            "name": "string",
            "max_open_connections": 0,
            "data": {
                "string": "string",
            },
            "disable_escaping": False,
            "max_connection_lifetime": 0,
            "max_idle_connections": 0,
            "allowed_roles": ["string"],
            "connection_url": "string",
            "password": "string",
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }],
        mongodbatlas=[{
            "name": "string",
            "private_key": "string",
            "project_id": "string",
            "public_key": "string",
            "allowed_roles": ["string"],
            "data": {
                "string": "string",
            },
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "verify_connection": False,
        }],
        snowflakes=[{
            "name": "string",
            "max_connection_lifetime": 0,
            "data": {
                "string": "string",
            },
            "allowed_roles": ["string"],
            "max_idle_connections": 0,
            "max_open_connections": 0,
            "connection_url": "string",
            "password": "string",
            "plugin_name": "string",
            "root_rotation_statements": ["string"],
            "username": "string",
            "username_template": "string",
            "verify_connection": False,
        }])
    
    const secretsMountResource = new vault.database.SecretsMount("secretsMountResource", {
        path: "string",
        mongodbs: [{
            name: "string",
            maxConnectionLifetime: 0,
            data: {
                string: "string",
            },
            allowedRoles: ["string"],
            maxIdleConnections: 0,
            maxOpenConnections: 0,
            connectionUrl: "string",
            password: "string",
            pluginName: "string",
            rootRotationStatements: ["string"],
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        cassandras: [{
            name: "string",
            pemJson: "string",
            pemBundle: "string",
            hosts: ["string"],
            insecureTls: false,
            pluginName: "string",
            password: "string",
            data: {
                string: "string",
            },
            allowedRoles: ["string"],
            connectTimeout: 0,
            port: 0,
            protocolVersion: 0,
            rootRotationStatements: ["string"],
            skipVerification: false,
            tls: false,
            username: "string",
            verifyConnection: false,
        }],
        auditNonHmacResponseKeys: ["string"],
        allowedManagedKeys: ["string"],
        couchbases: [{
            hosts: ["string"],
            username: "string",
            password: "string",
            name: "string",
            data: {
                string: "string",
            },
            insecureTls: false,
            allowedRoles: ["string"],
            bucketName: "string",
            pluginName: "string",
            rootRotationStatements: ["string"],
            tls: false,
            base64Pem: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        mssqls: [{
            name: "string",
            maxIdleConnections: 0,
            connectionUrl: "string",
            data: {
                string: "string",
            },
            disableEscaping: false,
            maxConnectionLifetime: 0,
            allowedRoles: ["string"],
            maxOpenConnections: 0,
            containedDb: false,
            password: "string",
            pluginName: "string",
            rootRotationStatements: ["string"],
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        delegatedAuthAccessors: ["string"],
        description: "string",
        elasticsearches: [{
            url: "string",
            password: "string",
            username: "string",
            name: "string",
            insecure: false,
            data: {
                string: "string",
            },
            caCert: "string",
            clientCert: "string",
            clientKey: "string",
            pluginName: "string",
            rootRotationStatements: ["string"],
            tlsServerName: "string",
            allowedRoles: ["string"],
            caPath: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        externalEntropyAccess: false,
        hanas: [{
            name: "string",
            maxOpenConnections: 0,
            data: {
                string: "string",
            },
            disableEscaping: false,
            maxConnectionLifetime: 0,
            maxIdleConnections: 0,
            allowedRoles: ["string"],
            connectionUrl: "string",
            password: "string",
            pluginName: "string",
            rootRotationStatements: ["string"],
            username: "string",
            verifyConnection: false,
        }],
        identityTokenKey: "string",
        influxdbs: [{
            name: "string",
            username: "string",
            password: "string",
            host: "string",
            pemJson: "string",
            insecureTls: false,
            data: {
                string: "string",
            },
            pemBundle: "string",
            allowedRoles: ["string"],
            pluginName: "string",
            port: 0,
            rootRotationStatements: ["string"],
            tls: false,
            connectTimeout: 0,
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        listingVisibility: "string",
        local: false,
        maxLeaseTtlSeconds: 0,
        sealWrap: false,
        auditNonHmacRequestKeys: ["string"],
        defaultLeaseTtlSeconds: 0,
        mysqlAuroras: [{
            name: "string",
            password: "string",
            authType: "string",
            data: {
                string: "string",
            },
            maxConnectionLifetime: 0,
            pluginName: "string",
            maxOpenConnections: 0,
            connectionUrl: "string",
            allowedRoles: ["string"],
            maxIdleConnections: 0,
            rootRotationStatements: ["string"],
            serviceAccountJson: "string",
            tlsCa: "string",
            tlsCertificateKey: "string",
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        mysqlLegacies: [{
            name: "string",
            password: "string",
            authType: "string",
            data: {
                string: "string",
            },
            maxConnectionLifetime: 0,
            pluginName: "string",
            maxOpenConnections: 0,
            connectionUrl: "string",
            allowedRoles: ["string"],
            maxIdleConnections: 0,
            rootRotationStatements: ["string"],
            serviceAccountJson: "string",
            tlsCa: "string",
            tlsCertificateKey: "string",
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        mysqlRds: [{
            name: "string",
            password: "string",
            authType: "string",
            data: {
                string: "string",
            },
            maxConnectionLifetime: 0,
            pluginName: "string",
            maxOpenConnections: 0,
            connectionUrl: "string",
            allowedRoles: ["string"],
            maxIdleConnections: 0,
            rootRotationStatements: ["string"],
            serviceAccountJson: "string",
            tlsCa: "string",
            tlsCertificateKey: "string",
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        mysqls: [{
            name: "string",
            password: "string",
            authType: "string",
            data: {
                string: "string",
            },
            maxConnectionLifetime: 0,
            pluginName: "string",
            maxOpenConnections: 0,
            connectionUrl: "string",
            allowedRoles: ["string"],
            maxIdleConnections: 0,
            rootRotationStatements: ["string"],
            serviceAccountJson: "string",
            tlsCa: "string",
            tlsCertificateKey: "string",
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        namespace: "string",
        options: {
            string: "string",
        },
        oracles: [{
            name: "string",
            maxOpenConnections: 0,
            password: "string",
            disconnectSessions: false,
            maxConnectionLifetime: 0,
            maxIdleConnections: 0,
            allowedRoles: ["string"],
            connectionUrl: "string",
            data: {
                string: "string",
            },
            pluginName: "string",
            rootRotationStatements: ["string"],
            splitStatements: false,
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        passthroughRequestHeaders: ["string"],
        allowedResponseHeaders: ["string"],
        pluginVersion: "string",
        postgresqls: [{
            name: "string",
            pluginName: "string",
            verifyConnection: false,
            password: "string",
            disableEscaping: false,
            maxConnectionLifetime: 0,
            maxIdleConnections: 0,
            maxOpenConnections: 0,
            authType: "string",
            data: {
                string: "string",
            },
            connectionUrl: "string",
            rootRotationStatements: ["string"],
            privateKey: "string",
            selfManaged: false,
            serviceAccountJson: "string",
            tlsCa: "string",
            tlsCertificate: "string",
            username: "string",
            usernameTemplate: "string",
            allowedRoles: ["string"],
        }],
        redis: [{
            password: "string",
            host: "string",
            name: "string",
            username: "string",
            caCert: "string",
            data: {
                string: "string",
            },
            insecureTls: false,
            allowedRoles: ["string"],
            pluginName: "string",
            port: 0,
            rootRotationStatements: ["string"],
            tls: false,
            verifyConnection: false,
        }],
        redisElasticaches: [{
            name: "string",
            url: "string",
            allowedRoles: ["string"],
            data: {
                string: "string",
            },
            password: "string",
            pluginName: "string",
            region: "string",
            rootRotationStatements: ["string"],
            username: "string",
            verifyConnection: false,
        }],
        redshifts: [{
            name: "string",
            maxOpenConnections: 0,
            data: {
                string: "string",
            },
            disableEscaping: false,
            maxConnectionLifetime: 0,
            maxIdleConnections: 0,
            allowedRoles: ["string"],
            connectionUrl: "string",
            password: "string",
            pluginName: "string",
            rootRotationStatements: ["string"],
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
        mongodbatlas: [{
            name: "string",
            privateKey: "string",
            projectId: "string",
            publicKey: "string",
            allowedRoles: ["string"],
            data: {
                string: "string",
            },
            pluginName: "string",
            rootRotationStatements: ["string"],
            verifyConnection: false,
        }],
        snowflakes: [{
            name: "string",
            maxConnectionLifetime: 0,
            data: {
                string: "string",
            },
            allowedRoles: ["string"],
            maxIdleConnections: 0,
            maxOpenConnections: 0,
            connectionUrl: "string",
            password: "string",
            pluginName: "string",
            rootRotationStatements: ["string"],
            username: "string",
            usernameTemplate: "string",
            verifyConnection: false,
        }],
    });
    
    type: vault:database:SecretsMount
    properties:
        allowedManagedKeys:
            - string
        allowedResponseHeaders:
            - string
        auditNonHmacRequestKeys:
            - string
        auditNonHmacResponseKeys:
            - string
        cassandras:
            - allowedRoles:
                - string
              connectTimeout: 0
              data:
                string: string
              hosts:
                - string
              insecureTls: false
              name: string
              password: string
              pemBundle: string
              pemJson: string
              pluginName: string
              port: 0
              protocolVersion: 0
              rootRotationStatements:
                - string
              skipVerification: false
              tls: false
              username: string
              verifyConnection: false
        couchbases:
            - allowedRoles:
                - string
              base64Pem: string
              bucketName: string
              data:
                string: string
              hosts:
                - string
              insecureTls: false
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              tls: false
              username: string
              usernameTemplate: string
              verifyConnection: false
        defaultLeaseTtlSeconds: 0
        delegatedAuthAccessors:
            - string
        description: string
        elasticsearches:
            - allowedRoles:
                - string
              caCert: string
              caPath: string
              clientCert: string
              clientKey: string
              data:
                string: string
              insecure: false
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              tlsServerName: string
              url: string
              username: string
              usernameTemplate: string
              verifyConnection: false
        externalEntropyAccess: false
        hanas:
            - allowedRoles:
                - string
              connectionUrl: string
              data:
                string: string
              disableEscaping: false
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              username: string
              verifyConnection: false
        identityTokenKey: string
        influxdbs:
            - allowedRoles:
                - string
              connectTimeout: 0
              data:
                string: string
              host: string
              insecureTls: false
              name: string
              password: string
              pemBundle: string
              pemJson: string
              pluginName: string
              port: 0
              rootRotationStatements:
                - string
              tls: false
              username: string
              usernameTemplate: string
              verifyConnection: false
        listingVisibility: string
        local: false
        maxLeaseTtlSeconds: 0
        mongodbatlas:
            - allowedRoles:
                - string
              data:
                string: string
              name: string
              pluginName: string
              privateKey: string
              projectId: string
              publicKey: string
              rootRotationStatements:
                - string
              verifyConnection: false
        mongodbs:
            - allowedRoles:
                - string
              connectionUrl: string
              data:
                string: string
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              username: string
              usernameTemplate: string
              verifyConnection: false
        mssqls:
            - allowedRoles:
                - string
              connectionUrl: string
              containedDb: false
              data:
                string: string
              disableEscaping: false
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              username: string
              usernameTemplate: string
              verifyConnection: false
        mysqlAuroras:
            - allowedRoles:
                - string
              authType: string
              connectionUrl: string
              data:
                string: string
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              serviceAccountJson: string
              tlsCa: string
              tlsCertificateKey: string
              username: string
              usernameTemplate: string
              verifyConnection: false
        mysqlLegacies:
            - allowedRoles:
                - string
              authType: string
              connectionUrl: string
              data:
                string: string
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              serviceAccountJson: string
              tlsCa: string
              tlsCertificateKey: string
              username: string
              usernameTemplate: string
              verifyConnection: false
        mysqlRds:
            - allowedRoles:
                - string
              authType: string
              connectionUrl: string
              data:
                string: string
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              serviceAccountJson: string
              tlsCa: string
              tlsCertificateKey: string
              username: string
              usernameTemplate: string
              verifyConnection: false
        mysqls:
            - allowedRoles:
                - string
              authType: string
              connectionUrl: string
              data:
                string: string
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              serviceAccountJson: string
              tlsCa: string
              tlsCertificateKey: string
              username: string
              usernameTemplate: string
              verifyConnection: false
        namespace: string
        options:
            string: string
        oracles:
            - allowedRoles:
                - string
              connectionUrl: string
              data:
                string: string
              disconnectSessions: false
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              splitStatements: false
              username: string
              usernameTemplate: string
              verifyConnection: false
        passthroughRequestHeaders:
            - string
        path: string
        pluginVersion: string
        postgresqls:
            - allowedRoles:
                - string
              authType: string
              connectionUrl: string
              data:
                string: string
              disableEscaping: false
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              privateKey: string
              rootRotationStatements:
                - string
              selfManaged: false
              serviceAccountJson: string
              tlsCa: string
              tlsCertificate: string
              username: string
              usernameTemplate: string
              verifyConnection: false
        redis:
            - allowedRoles:
                - string
              caCert: string
              data:
                string: string
              host: string
              insecureTls: false
              name: string
              password: string
              pluginName: string
              port: 0
              rootRotationStatements:
                - string
              tls: false
              username: string
              verifyConnection: false
        redisElasticaches:
            - allowedRoles:
                - string
              data:
                string: string
              name: string
              password: string
              pluginName: string
              region: string
              rootRotationStatements:
                - string
              url: string
              username: string
              verifyConnection: false
        redshifts:
            - allowedRoles:
                - string
              connectionUrl: string
              data:
                string: string
              disableEscaping: false
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              username: string
              usernameTemplate: string
              verifyConnection: false
        sealWrap: false
        snowflakes:
            - allowedRoles:
                - string
              connectionUrl: string
              data:
                string: string
              maxConnectionLifetime: 0
              maxIdleConnections: 0
              maxOpenConnections: 0
              name: string
              password: string
              pluginName: string
              rootRotationStatements:
                - string
              username: string
              usernameTemplate: string
              verifyConnection: false
    

    SecretsMount Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The SecretsMount resource accepts the following input properties:

    Path string
    Where the secret backend will be mounted
    AllowedManagedKeys List<string>

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    AllowedResponseHeaders List<string>
    List of headers to allow and pass from the request to the plugin
    AuditNonHmacRequestKeys List<string>
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    AuditNonHmacResponseKeys List<string>
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    Cassandras List<SecretsMountCassandra>
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    Couchbases List<SecretsMountCouchbase>
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    DefaultLeaseTtlSeconds int
    Default lease duration for tokens and secrets in seconds
    DelegatedAuthAccessors List<string>
    List of headers to allow and pass from the request to the plugin
    Description string
    Human-friendly description of the mount
    Elasticsearches List<SecretsMountElasticsearch>
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    ExternalEntropyAccess bool
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    Hanas List<SecretsMountHana>
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    IdentityTokenKey string
    The key to use for signing plugin workload identity tokens
    Influxdbs List<SecretsMountInfluxdb>
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    ListingVisibility string
    Specifies whether to show this mount in the UI-specific listing endpoint
    Local bool
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    MaxLeaseTtlSeconds int
    Maximum possible lease duration for tokens and secrets in seconds
    Mongodbatlas List<SecretsMountMongodbatla>
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    Mongodbs List<SecretsMountMongodb>
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    Mssqls List<SecretsMountMssql>
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    MysqlAuroras List<SecretsMountMysqlAurora>
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    MysqlLegacies List<SecretsMountMysqlLegacy>
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    MysqlRds List<SecretsMountMysqlRd>
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    Mysqls List<SecretsMountMysql>
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    Namespace string
    Target namespace. (requires Enterprise)
    Options Dictionary<string, string>
    Specifies mount type specific options that are passed to the backend
    Oracles List<SecretsMountOracle>
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    PassthroughRequestHeaders List<string>
    List of headers to allow and pass from the request to the plugin
    PluginVersion string
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    Postgresqls List<SecretsMountPostgresql>
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    Redis List<SecretsMountRedi>
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    RedisElasticaches List<SecretsMountRedisElasticach>
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    Redshifts List<SecretsMountRedshift>
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    SealWrap bool
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    Snowflakes List<SecretsMountSnowflake>
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    Path string
    Where the secret backend will be mounted
    AllowedManagedKeys []string

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    AllowedResponseHeaders []string
    List of headers to allow and pass from the request to the plugin
    AuditNonHmacRequestKeys []string
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    AuditNonHmacResponseKeys []string
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    Cassandras []SecretsMountCassandraArgs
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    Couchbases []SecretsMountCouchbaseArgs
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    DefaultLeaseTtlSeconds int
    Default lease duration for tokens and secrets in seconds
    DelegatedAuthAccessors []string
    List of headers to allow and pass from the request to the plugin
    Description string
    Human-friendly description of the mount
    Elasticsearches []SecretsMountElasticsearchArgs
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    ExternalEntropyAccess bool
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    Hanas []SecretsMountHanaArgs
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    IdentityTokenKey string
    The key to use for signing plugin workload identity tokens
    Influxdbs []SecretsMountInfluxdbArgs
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    ListingVisibility string
    Specifies whether to show this mount in the UI-specific listing endpoint
    Local bool
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    MaxLeaseTtlSeconds int
    Maximum possible lease duration for tokens and secrets in seconds
    Mongodbatlas []SecretsMountMongodbatlaArgs
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    Mongodbs []SecretsMountMongodbArgs
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    Mssqls []SecretsMountMssqlArgs
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    MysqlAuroras []SecretsMountMysqlAuroraArgs
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    MysqlLegacies []SecretsMountMysqlLegacyArgs
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    MysqlRds []SecretsMountMysqlRdArgs
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    Mysqls []SecretsMountMysqlArgs
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    Namespace string
    Target namespace. (requires Enterprise)
    Options map[string]string
    Specifies mount type specific options that are passed to the backend
    Oracles []SecretsMountOracleArgs
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    PassthroughRequestHeaders []string
    List of headers to allow and pass from the request to the plugin
    PluginVersion string
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    Postgresqls []SecretsMountPostgresqlArgs
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    Redis []SecretsMountRediArgs
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    RedisElasticaches []SecretsMountRedisElasticachArgs
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    Redshifts []SecretsMountRedshiftArgs
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    SealWrap bool
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    Snowflakes []SecretsMountSnowflakeArgs
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    path String
    Where the secret backend will be mounted
    allowedManagedKeys List<String>

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowedResponseHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    auditNonHmacRequestKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    auditNonHmacResponseKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras List<SecretsMountCassandra>
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases List<SecretsMountCouchbase>
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    defaultLeaseTtlSeconds Integer
    Default lease duration for tokens and secrets in seconds
    delegatedAuthAccessors List<String>
    List of headers to allow and pass from the request to the plugin
    description String
    Human-friendly description of the mount
    elasticsearches List<SecretsMountElasticsearch>
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    externalEntropyAccess Boolean
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas List<SecretsMountHana>
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identityTokenKey String
    The key to use for signing plugin workload identity tokens
    influxdbs List<SecretsMountInfluxdb>
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listingVisibility String
    Specifies whether to show this mount in the UI-specific listing endpoint
    local Boolean
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    maxLeaseTtlSeconds Integer
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas List<SecretsMountMongodbatla>
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs List<SecretsMountMongodb>
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls List<SecretsMountMssql>
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysqlAuroras List<SecretsMountMysqlAurora>
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysqlLegacies List<SecretsMountMysqlLegacy>
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysqlRds List<SecretsMountMysqlRd>
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls List<SecretsMountMysql>
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace String
    Target namespace. (requires Enterprise)
    options Map<String,String>
    Specifies mount type specific options that are passed to the backend
    oracles List<SecretsMountOracle>
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthroughRequestHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    pluginVersion String
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls List<SecretsMountPostgresql>
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis List<SecretsMountRedi>
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redisElasticaches List<SecretsMountRedisElasticach>
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts List<SecretsMountRedshift>
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    sealWrap Boolean
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes List<SecretsMountSnowflake>
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    path string
    Where the secret backend will be mounted
    allowedManagedKeys string[]

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowedResponseHeaders string[]
    List of headers to allow and pass from the request to the plugin
    auditNonHmacRequestKeys string[]
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    auditNonHmacResponseKeys string[]
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras SecretsMountCassandra[]
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases SecretsMountCouchbase[]
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    defaultLeaseTtlSeconds number
    Default lease duration for tokens and secrets in seconds
    delegatedAuthAccessors string[]
    List of headers to allow and pass from the request to the plugin
    description string
    Human-friendly description of the mount
    elasticsearches SecretsMountElasticsearch[]
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    externalEntropyAccess boolean
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas SecretsMountHana[]
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identityTokenKey string
    The key to use for signing plugin workload identity tokens
    influxdbs SecretsMountInfluxdb[]
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listingVisibility string
    Specifies whether to show this mount in the UI-specific listing endpoint
    local boolean
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    maxLeaseTtlSeconds number
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas SecretsMountMongodbatla[]
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs SecretsMountMongodb[]
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls SecretsMountMssql[]
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysqlAuroras SecretsMountMysqlAurora[]
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysqlLegacies SecretsMountMysqlLegacy[]
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysqlRds SecretsMountMysqlRd[]
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls SecretsMountMysql[]
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace string
    Target namespace. (requires Enterprise)
    options {[key: string]: string}
    Specifies mount type specific options that are passed to the backend
    oracles SecretsMountOracle[]
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthroughRequestHeaders string[]
    List of headers to allow and pass from the request to the plugin
    pluginVersion string
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls SecretsMountPostgresql[]
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis SecretsMountRedi[]
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redisElasticaches SecretsMountRedisElasticach[]
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts SecretsMountRedshift[]
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    sealWrap boolean
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes SecretsMountSnowflake[]
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    path str
    Where the secret backend will be mounted
    allowed_managed_keys Sequence[str]

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowed_response_headers Sequence[str]
    List of headers to allow and pass from the request to the plugin
    audit_non_hmac_request_keys Sequence[str]
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    audit_non_hmac_response_keys Sequence[str]
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras Sequence[SecretsMountCassandraArgs]
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases Sequence[SecretsMountCouchbaseArgs]
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    default_lease_ttl_seconds int
    Default lease duration for tokens and secrets in seconds
    delegated_auth_accessors Sequence[str]
    List of headers to allow and pass from the request to the plugin
    description str
    Human-friendly description of the mount
    elasticsearches Sequence[SecretsMountElasticsearchArgs]
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    external_entropy_access bool
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas Sequence[SecretsMountHanaArgs]
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identity_token_key str
    The key to use for signing plugin workload identity tokens
    influxdbs Sequence[SecretsMountInfluxdbArgs]
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listing_visibility str
    Specifies whether to show this mount in the UI-specific listing endpoint
    local bool
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    max_lease_ttl_seconds int
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas Sequence[SecretsMountMongodbatlaArgs]
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs Sequence[SecretsMountMongodbArgs]
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls Sequence[SecretsMountMssqlArgs]
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysql_auroras Sequence[SecretsMountMysqlAuroraArgs]
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysql_legacies Sequence[SecretsMountMysqlLegacyArgs]
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysql_rds Sequence[SecretsMountMysqlRdArgs]
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls Sequence[SecretsMountMysqlArgs]
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace str
    Target namespace. (requires Enterprise)
    options Mapping[str, str]
    Specifies mount type specific options that are passed to the backend
    oracles Sequence[SecretsMountOracleArgs]
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthrough_request_headers Sequence[str]
    List of headers to allow and pass from the request to the plugin
    plugin_version str
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls Sequence[SecretsMountPostgresqlArgs]
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis Sequence[SecretsMountRediArgs]
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redis_elasticaches Sequence[SecretsMountRedisElasticachArgs]
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts Sequence[SecretsMountRedshiftArgs]
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    seal_wrap bool
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes Sequence[SecretsMountSnowflakeArgs]
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    path String
    Where the secret backend will be mounted
    allowedManagedKeys List<String>

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowedResponseHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    auditNonHmacRequestKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    auditNonHmacResponseKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras List<Property Map>
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases List<Property Map>
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    defaultLeaseTtlSeconds Number
    Default lease duration for tokens and secrets in seconds
    delegatedAuthAccessors List<String>
    List of headers to allow and pass from the request to the plugin
    description String
    Human-friendly description of the mount
    elasticsearches List<Property Map>
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    externalEntropyAccess Boolean
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas List<Property Map>
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identityTokenKey String
    The key to use for signing plugin workload identity tokens
    influxdbs List<Property Map>
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listingVisibility String
    Specifies whether to show this mount in the UI-specific listing endpoint
    local Boolean
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    maxLeaseTtlSeconds Number
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas List<Property Map>
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs List<Property Map>
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls List<Property Map>
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysqlAuroras List<Property Map>
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysqlLegacies List<Property Map>
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysqlRds List<Property Map>
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls List<Property Map>
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace String
    Target namespace. (requires Enterprise)
    options Map<String>
    Specifies mount type specific options that are passed to the backend
    oracles List<Property Map>
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthroughRequestHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    pluginVersion String
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls List<Property Map>
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis List<Property Map>
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redisElasticaches List<Property Map>
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts List<Property Map>
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    sealWrap Boolean
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes List<Property Map>
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecretsMount resource produces the following output properties:

    Accessor string
    Accessor of the mount
    EngineCount int
    The total number of database secrets engines configured.
    Id string
    The provider-assigned unique ID for this managed resource.
    Accessor string
    Accessor of the mount
    EngineCount int
    The total number of database secrets engines configured.
    Id string
    The provider-assigned unique ID for this managed resource.
    accessor String
    Accessor of the mount
    engineCount Integer
    The total number of database secrets engines configured.
    id String
    The provider-assigned unique ID for this managed resource.
    accessor string
    Accessor of the mount
    engineCount number
    The total number of database secrets engines configured.
    id string
    The provider-assigned unique ID for this managed resource.
    accessor str
    Accessor of the mount
    engine_count int
    The total number of database secrets engines configured.
    id str
    The provider-assigned unique ID for this managed resource.
    accessor String
    Accessor of the mount
    engineCount Number
    The total number of database secrets engines configured.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing SecretsMount Resource

    Get an existing SecretsMount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecretsMountState, opts?: CustomResourceOptions): SecretsMount
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            accessor: Optional[str] = None,
            allowed_managed_keys: Optional[Sequence[str]] = None,
            allowed_response_headers: Optional[Sequence[str]] = None,
            audit_non_hmac_request_keys: Optional[Sequence[str]] = None,
            audit_non_hmac_response_keys: Optional[Sequence[str]] = None,
            cassandras: Optional[Sequence[SecretsMountCassandraArgs]] = None,
            couchbases: Optional[Sequence[SecretsMountCouchbaseArgs]] = None,
            default_lease_ttl_seconds: Optional[int] = None,
            delegated_auth_accessors: Optional[Sequence[str]] = None,
            description: Optional[str] = None,
            elasticsearches: Optional[Sequence[SecretsMountElasticsearchArgs]] = None,
            engine_count: Optional[int] = None,
            external_entropy_access: Optional[bool] = None,
            hanas: Optional[Sequence[SecretsMountHanaArgs]] = None,
            identity_token_key: Optional[str] = None,
            influxdbs: Optional[Sequence[SecretsMountInfluxdbArgs]] = None,
            listing_visibility: Optional[str] = None,
            local: Optional[bool] = None,
            max_lease_ttl_seconds: Optional[int] = None,
            mongodbatlas: Optional[Sequence[SecretsMountMongodbatlaArgs]] = None,
            mongodbs: Optional[Sequence[SecretsMountMongodbArgs]] = None,
            mssqls: Optional[Sequence[SecretsMountMssqlArgs]] = None,
            mysql_auroras: Optional[Sequence[SecretsMountMysqlAuroraArgs]] = None,
            mysql_legacies: Optional[Sequence[SecretsMountMysqlLegacyArgs]] = None,
            mysql_rds: Optional[Sequence[SecretsMountMysqlRdArgs]] = None,
            mysqls: Optional[Sequence[SecretsMountMysqlArgs]] = None,
            namespace: Optional[str] = None,
            options: Optional[Mapping[str, str]] = None,
            oracles: Optional[Sequence[SecretsMountOracleArgs]] = None,
            passthrough_request_headers: Optional[Sequence[str]] = None,
            path: Optional[str] = None,
            plugin_version: Optional[str] = None,
            postgresqls: Optional[Sequence[SecretsMountPostgresqlArgs]] = None,
            redis: Optional[Sequence[SecretsMountRediArgs]] = None,
            redis_elasticaches: Optional[Sequence[SecretsMountRedisElasticachArgs]] = None,
            redshifts: Optional[Sequence[SecretsMountRedshiftArgs]] = None,
            seal_wrap: Optional[bool] = None,
            snowflakes: Optional[Sequence[SecretsMountSnowflakeArgs]] = None) -> SecretsMount
    func GetSecretsMount(ctx *Context, name string, id IDInput, state *SecretsMountState, opts ...ResourceOption) (*SecretsMount, error)
    public static SecretsMount Get(string name, Input<string> id, SecretsMountState? state, CustomResourceOptions? opts = null)
    public static SecretsMount get(String name, Output<String> id, SecretsMountState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Accessor string
    Accessor of the mount
    AllowedManagedKeys List<string>

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    AllowedResponseHeaders List<string>
    List of headers to allow and pass from the request to the plugin
    AuditNonHmacRequestKeys List<string>
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    AuditNonHmacResponseKeys List<string>
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    Cassandras List<SecretsMountCassandra>
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    Couchbases List<SecretsMountCouchbase>
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    DefaultLeaseTtlSeconds int
    Default lease duration for tokens and secrets in seconds
    DelegatedAuthAccessors List<string>
    List of headers to allow and pass from the request to the plugin
    Description string
    Human-friendly description of the mount
    Elasticsearches List<SecretsMountElasticsearch>
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    EngineCount int
    The total number of database secrets engines configured.
    ExternalEntropyAccess bool
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    Hanas List<SecretsMountHana>
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    IdentityTokenKey string
    The key to use for signing plugin workload identity tokens
    Influxdbs List<SecretsMountInfluxdb>
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    ListingVisibility string
    Specifies whether to show this mount in the UI-specific listing endpoint
    Local bool
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    MaxLeaseTtlSeconds int
    Maximum possible lease duration for tokens and secrets in seconds
    Mongodbatlas List<SecretsMountMongodbatla>
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    Mongodbs List<SecretsMountMongodb>
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    Mssqls List<SecretsMountMssql>
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    MysqlAuroras List<SecretsMountMysqlAurora>
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    MysqlLegacies List<SecretsMountMysqlLegacy>
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    MysqlRds List<SecretsMountMysqlRd>
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    Mysqls List<SecretsMountMysql>
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    Namespace string
    Target namespace. (requires Enterprise)
    Options Dictionary<string, string>
    Specifies mount type specific options that are passed to the backend
    Oracles List<SecretsMountOracle>
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    PassthroughRequestHeaders List<string>
    List of headers to allow and pass from the request to the plugin
    Path string
    Where the secret backend will be mounted
    PluginVersion string
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    Postgresqls List<SecretsMountPostgresql>
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    Redis List<SecretsMountRedi>
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    RedisElasticaches List<SecretsMountRedisElasticach>
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    Redshifts List<SecretsMountRedshift>
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    SealWrap bool
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    Snowflakes List<SecretsMountSnowflake>
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    Accessor string
    Accessor of the mount
    AllowedManagedKeys []string

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    AllowedResponseHeaders []string
    List of headers to allow and pass from the request to the plugin
    AuditNonHmacRequestKeys []string
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    AuditNonHmacResponseKeys []string
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    Cassandras []SecretsMountCassandraArgs
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    Couchbases []SecretsMountCouchbaseArgs
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    DefaultLeaseTtlSeconds int
    Default lease duration for tokens and secrets in seconds
    DelegatedAuthAccessors []string
    List of headers to allow and pass from the request to the plugin
    Description string
    Human-friendly description of the mount
    Elasticsearches []SecretsMountElasticsearchArgs
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    EngineCount int
    The total number of database secrets engines configured.
    ExternalEntropyAccess bool
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    Hanas []SecretsMountHanaArgs
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    IdentityTokenKey string
    The key to use for signing plugin workload identity tokens
    Influxdbs []SecretsMountInfluxdbArgs
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    ListingVisibility string
    Specifies whether to show this mount in the UI-specific listing endpoint
    Local bool
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    MaxLeaseTtlSeconds int
    Maximum possible lease duration for tokens and secrets in seconds
    Mongodbatlas []SecretsMountMongodbatlaArgs
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    Mongodbs []SecretsMountMongodbArgs
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    Mssqls []SecretsMountMssqlArgs
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    MysqlAuroras []SecretsMountMysqlAuroraArgs
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    MysqlLegacies []SecretsMountMysqlLegacyArgs
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    MysqlRds []SecretsMountMysqlRdArgs
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    Mysqls []SecretsMountMysqlArgs
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    Namespace string
    Target namespace. (requires Enterprise)
    Options map[string]string
    Specifies mount type specific options that are passed to the backend
    Oracles []SecretsMountOracleArgs
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    PassthroughRequestHeaders []string
    List of headers to allow and pass from the request to the plugin
    Path string
    Where the secret backend will be mounted
    PluginVersion string
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    Postgresqls []SecretsMountPostgresqlArgs
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    Redis []SecretsMountRediArgs
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    RedisElasticaches []SecretsMountRedisElasticachArgs
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    Redshifts []SecretsMountRedshiftArgs
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    SealWrap bool
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    Snowflakes []SecretsMountSnowflakeArgs
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    accessor String
    Accessor of the mount
    allowedManagedKeys List<String>

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowedResponseHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    auditNonHmacRequestKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    auditNonHmacResponseKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras List<SecretsMountCassandra>
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases List<SecretsMountCouchbase>
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    defaultLeaseTtlSeconds Integer
    Default lease duration for tokens and secrets in seconds
    delegatedAuthAccessors List<String>
    List of headers to allow and pass from the request to the plugin
    description String
    Human-friendly description of the mount
    elasticsearches List<SecretsMountElasticsearch>
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    engineCount Integer
    The total number of database secrets engines configured.
    externalEntropyAccess Boolean
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas List<SecretsMountHana>
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identityTokenKey String
    The key to use for signing plugin workload identity tokens
    influxdbs List<SecretsMountInfluxdb>
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listingVisibility String
    Specifies whether to show this mount in the UI-specific listing endpoint
    local Boolean
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    maxLeaseTtlSeconds Integer
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas List<SecretsMountMongodbatla>
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs List<SecretsMountMongodb>
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls List<SecretsMountMssql>
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysqlAuroras List<SecretsMountMysqlAurora>
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysqlLegacies List<SecretsMountMysqlLegacy>
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysqlRds List<SecretsMountMysqlRd>
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls List<SecretsMountMysql>
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace String
    Target namespace. (requires Enterprise)
    options Map<String,String>
    Specifies mount type specific options that are passed to the backend
    oracles List<SecretsMountOracle>
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthroughRequestHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    path String
    Where the secret backend will be mounted
    pluginVersion String
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls List<SecretsMountPostgresql>
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis List<SecretsMountRedi>
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redisElasticaches List<SecretsMountRedisElasticach>
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts List<SecretsMountRedshift>
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    sealWrap Boolean
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes List<SecretsMountSnowflake>
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    accessor string
    Accessor of the mount
    allowedManagedKeys string[]

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowedResponseHeaders string[]
    List of headers to allow and pass from the request to the plugin
    auditNonHmacRequestKeys string[]
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    auditNonHmacResponseKeys string[]
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras SecretsMountCassandra[]
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases SecretsMountCouchbase[]
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    defaultLeaseTtlSeconds number
    Default lease duration for tokens and secrets in seconds
    delegatedAuthAccessors string[]
    List of headers to allow and pass from the request to the plugin
    description string
    Human-friendly description of the mount
    elasticsearches SecretsMountElasticsearch[]
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    engineCount number
    The total number of database secrets engines configured.
    externalEntropyAccess boolean
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas SecretsMountHana[]
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identityTokenKey string
    The key to use for signing plugin workload identity tokens
    influxdbs SecretsMountInfluxdb[]
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listingVisibility string
    Specifies whether to show this mount in the UI-specific listing endpoint
    local boolean
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    maxLeaseTtlSeconds number
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas SecretsMountMongodbatla[]
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs SecretsMountMongodb[]
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls SecretsMountMssql[]
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysqlAuroras SecretsMountMysqlAurora[]
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysqlLegacies SecretsMountMysqlLegacy[]
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysqlRds SecretsMountMysqlRd[]
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls SecretsMountMysql[]
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace string
    Target namespace. (requires Enterprise)
    options {[key: string]: string}
    Specifies mount type specific options that are passed to the backend
    oracles SecretsMountOracle[]
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthroughRequestHeaders string[]
    List of headers to allow and pass from the request to the plugin
    path string
    Where the secret backend will be mounted
    pluginVersion string
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls SecretsMountPostgresql[]
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis SecretsMountRedi[]
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redisElasticaches SecretsMountRedisElasticach[]
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts SecretsMountRedshift[]
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    sealWrap boolean
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes SecretsMountSnowflake[]
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    accessor str
    Accessor of the mount
    allowed_managed_keys Sequence[str]

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowed_response_headers Sequence[str]
    List of headers to allow and pass from the request to the plugin
    audit_non_hmac_request_keys Sequence[str]
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    audit_non_hmac_response_keys Sequence[str]
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras Sequence[SecretsMountCassandraArgs]
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases Sequence[SecretsMountCouchbaseArgs]
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    default_lease_ttl_seconds int
    Default lease duration for tokens and secrets in seconds
    delegated_auth_accessors Sequence[str]
    List of headers to allow and pass from the request to the plugin
    description str
    Human-friendly description of the mount
    elasticsearches Sequence[SecretsMountElasticsearchArgs]
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    engine_count int
    The total number of database secrets engines configured.
    external_entropy_access bool
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas Sequence[SecretsMountHanaArgs]
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identity_token_key str
    The key to use for signing plugin workload identity tokens
    influxdbs Sequence[SecretsMountInfluxdbArgs]
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listing_visibility str
    Specifies whether to show this mount in the UI-specific listing endpoint
    local bool
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    max_lease_ttl_seconds int
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas Sequence[SecretsMountMongodbatlaArgs]
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs Sequence[SecretsMountMongodbArgs]
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls Sequence[SecretsMountMssqlArgs]
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysql_auroras Sequence[SecretsMountMysqlAuroraArgs]
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysql_legacies Sequence[SecretsMountMysqlLegacyArgs]
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysql_rds Sequence[SecretsMountMysqlRdArgs]
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls Sequence[SecretsMountMysqlArgs]
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace str
    Target namespace. (requires Enterprise)
    options Mapping[str, str]
    Specifies mount type specific options that are passed to the backend
    oracles Sequence[SecretsMountOracleArgs]
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthrough_request_headers Sequence[str]
    List of headers to allow and pass from the request to the plugin
    path str
    Where the secret backend will be mounted
    plugin_version str
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls Sequence[SecretsMountPostgresqlArgs]
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis Sequence[SecretsMountRediArgs]
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redis_elasticaches Sequence[SecretsMountRedisElasticachArgs]
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts Sequence[SecretsMountRedshiftArgs]
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    seal_wrap bool
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes Sequence[SecretsMountSnowflakeArgs]
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info
    accessor String
    Accessor of the mount
    allowedManagedKeys List<String>

    Set of managed key registry entry names that the mount in question is allowed to access

    The following arguments are common to all database engines:

    allowedResponseHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    auditNonHmacRequestKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
    auditNonHmacResponseKeys List<String>
    Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
    cassandras List<Property Map>
    A nested block containing configuration options for Cassandra connections.
    See Configuration Options for more info
    couchbases List<Property Map>
    A nested block containing configuration options for Couchbase connections.
    See Configuration Options for more info
    defaultLeaseTtlSeconds Number
    Default lease duration for tokens and secrets in seconds
    delegatedAuthAccessors List<String>
    List of headers to allow and pass from the request to the plugin
    description String
    Human-friendly description of the mount
    elasticsearches List<Property Map>
    A nested block containing configuration options for Elasticsearch connections.
    See Configuration Options for more info
    engineCount Number
    The total number of database secrets engines configured.
    externalEntropyAccess Boolean
    Boolean flag that can be explicitly set to true to enable the secrets engine to access Vault's external entropy source
    hanas List<Property Map>
    A nested block containing configuration options for SAP HanaDB connections.
    See Configuration Options for more info
    identityTokenKey String
    The key to use for signing plugin workload identity tokens
    influxdbs List<Property Map>
    A nested block containing configuration options for InfluxDB connections.
    See Configuration Options for more info
    listingVisibility String
    Specifies whether to show this mount in the UI-specific listing endpoint
    local Boolean
    Boolean flag that can be explicitly set to true to enforce local mount in HA environment
    maxLeaseTtlSeconds Number
    Maximum possible lease duration for tokens and secrets in seconds
    mongodbatlas List<Property Map>
    A nested block containing configuration options for MongoDB Atlas connections.
    See Configuration Options for more info
    mongodbs List<Property Map>
    A nested block containing configuration options for MongoDB connections.
    See Configuration Options for more info
    mssqls List<Property Map>
    A nested block containing configuration options for MSSQL connections.
    See Configuration Options for more info
    mysqlAuroras List<Property Map>
    A nested block containing configuration options for Aurora MySQL connections.
    See Configuration Options for more info
    mysqlLegacies List<Property Map>
    A nested block containing configuration options for legacy MySQL connections.
    See Configuration Options for more info
    mysqlRds List<Property Map>
    A nested block containing configuration options for RDS MySQL connections.
    See Configuration Options for more info
    mysqls List<Property Map>
    A nested block containing configuration options for MySQL connections.
    See Configuration Options for more info
    namespace String
    Target namespace. (requires Enterprise)
    options Map<String>
    Specifies mount type specific options that are passed to the backend
    oracles List<Property Map>
    A nested block containing configuration options for Oracle connections.
    See Configuration Options for more info
    passthroughRequestHeaders List<String>
    List of headers to allow and pass from the request to the plugin
    path String
    Where the secret backend will be mounted
    pluginVersion String
    Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
    postgresqls List<Property Map>
    A nested block containing configuration options for PostgreSQL connections.
    See Configuration Options for more info
    redis List<Property Map>
    A nested block containing configuration options for Redis connections.
    See Configuration Options for more info
    redisElasticaches List<Property Map>
    A nested block containing configuration options for Redis ElastiCache connections.
    See Configuration Options for more info
    redshifts List<Property Map>
    A nested block containing configuration options for AWS Redshift connections.
    See Configuration Options for more info
    sealWrap Boolean
    Boolean flag that can be explicitly set to true to enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
    snowflakes List<Property Map>
    A nested block containing configuration options for Snowflake connections.
    See Configuration Options for more info

    Supporting Types

    SecretsMountCassandra, SecretsMountCassandraArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectTimeout int
    The number of seconds to use as a connection timeout.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    Hosts List<string>
    Cassandra hosts to connect to.
    InsecureTls bool
    Whether to skip verification of the server certificate when using TLS.
    Password string
    The password to use when authenticating with Cassandra.
    PemBundle string
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PemJson string
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PluginName string
    Specifies the name of the plugin to use.
    Port int
    The transport port to use to connect to Cassandra.
    ProtocolVersion int
    The CQL protocol version to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    SkipVerification bool
    Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
    Tls bool
    Whether to use TLS when connecting to Cassandra.
    Username string
    The username to use when authenticating with Cassandra.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectTimeout int
    The number of seconds to use as a connection timeout.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    Hosts []string
    Cassandra hosts to connect to.
    InsecureTls bool
    Whether to skip verification of the server certificate when using TLS.
    Password string
    The password to use when authenticating with Cassandra.
    PemBundle string
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PemJson string
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PluginName string
    Specifies the name of the plugin to use.
    Port int
    The transport port to use to connect to Cassandra.
    ProtocolVersion int
    The CQL protocol version to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    SkipVerification bool
    Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
    Tls bool
    Whether to use TLS when connecting to Cassandra.
    Username string
    The username to use when authenticating with Cassandra.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectTimeout Integer
    The number of seconds to use as a connection timeout.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    hosts List<String>
    Cassandra hosts to connect to.
    insecureTls Boolean
    Whether to skip verification of the server certificate when using TLS.
    password String
    The password to use when authenticating with Cassandra.
    pemBundle String
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pemJson String
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pluginName String
    Specifies the name of the plugin to use.
    port Integer
    The transport port to use to connect to Cassandra.
    protocolVersion Integer
    The CQL protocol version to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    skipVerification Boolean
    Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
    tls Boolean
    Whether to use TLS when connecting to Cassandra.
    username String
    The username to use when authenticating with Cassandra.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectTimeout number
    The number of seconds to use as a connection timeout.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    hosts string[]
    Cassandra hosts to connect to.
    insecureTls boolean
    Whether to skip verification of the server certificate when using TLS.
    password string
    The password to use when authenticating with Cassandra.
    pemBundle string
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pemJson string
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pluginName string
    Specifies the name of the plugin to use.
    port number
    The transport port to use to connect to Cassandra.
    protocolVersion number
    The CQL protocol version to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    skipVerification boolean
    Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
    tls boolean
    Whether to use TLS when connecting to Cassandra.
    username string
    The username to use when authenticating with Cassandra.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connect_timeout int
    The number of seconds to use as a connection timeout.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    hosts Sequence[str]
    Cassandra hosts to connect to.
    insecure_tls bool
    Whether to skip verification of the server certificate when using TLS.
    password str
    The password to use when authenticating with Cassandra.
    pem_bundle str
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pem_json str
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    plugin_name str
    Specifies the name of the plugin to use.
    port int
    The transport port to use to connect to Cassandra.
    protocol_version int
    The CQL protocol version to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    skip_verification bool
    Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
    tls bool
    Whether to use TLS when connecting to Cassandra.
    username str
    The username to use when authenticating with Cassandra.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectTimeout Number
    The number of seconds to use as a connection timeout.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    hosts List<String>
    Cassandra hosts to connect to.
    insecureTls Boolean
    Whether to skip verification of the server certificate when using TLS.
    password String
    The password to use when authenticating with Cassandra.
    pemBundle String
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pemJson String
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pluginName String
    Specifies the name of the plugin to use.
    port Number
    The transport port to use to connect to Cassandra.
    protocolVersion Number
    The CQL protocol version to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    skipVerification Boolean
    Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
    tls Boolean
    Whether to use TLS when connecting to Cassandra.
    username String
    The username to use when authenticating with Cassandra.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountCouchbase, SecretsMountCouchbaseArgs

    Hosts List<string>
    A set of Couchbase URIs to connect to. Must use couchbases:// scheme if tls is true.
    Name string
    Name of the database connection.
    Password string
    Specifies the password corresponding to the given username.
    Username string
    Specifies the username for Vault to use.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    Base64Pem string
    Required if tls is true. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
    BucketName string
    Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    InsecureTls bool
    Specifies whether to skip verification of the server certificate when using TLS.
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Tls bool
    Specifies whether to use TLS when connecting to Couchbase.
    UsernameTemplate string
    Template describing how dynamic usernames are generated.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Hosts []string
    A set of Couchbase URIs to connect to. Must use couchbases:// scheme if tls is true.
    Name string
    Name of the database connection.
    Password string
    Specifies the password corresponding to the given username.
    Username string
    Specifies the username for Vault to use.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    Base64Pem string
    Required if tls is true. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
    BucketName string
    Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    InsecureTls bool
    Specifies whether to skip verification of the server certificate when using TLS.
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Tls bool
    Specifies whether to use TLS when connecting to Couchbase.
    UsernameTemplate string
    Template describing how dynamic usernames are generated.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    hosts List<String>
    A set of Couchbase URIs to connect to. Must use couchbases:// scheme if tls is true.
    name String
    Name of the database connection.
    password String
    Specifies the password corresponding to the given username.
    username String
    Specifies the username for Vault to use.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    base64Pem String
    Required if tls is true. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
    bucketName String
    Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls Boolean
    Specifies whether to skip verification of the server certificate when using TLS.
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tls Boolean
    Specifies whether to use TLS when connecting to Couchbase.
    usernameTemplate String
    Template describing how dynamic usernames are generated.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    hosts string[]
    A set of Couchbase URIs to connect to. Must use couchbases:// scheme if tls is true.
    name string
    Name of the database connection.
    password string
    Specifies the password corresponding to the given username.
    username string
    Specifies the username for Vault to use.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    base64Pem string
    Required if tls is true. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
    bucketName string
    Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls boolean
    Specifies whether to skip verification of the server certificate when using TLS.
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    tls boolean
    Specifies whether to use TLS when connecting to Couchbase.
    usernameTemplate string
    Template describing how dynamic usernames are generated.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    hosts Sequence[str]
    A set of Couchbase URIs to connect to. Must use couchbases:// scheme if tls is true.
    name str
    Name of the database connection.
    password str
    Specifies the password corresponding to the given username.
    username str
    Specifies the username for Vault to use.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    base64_pem str
    Required if tls is true. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
    bucket_name str
    Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecure_tls bool
    Specifies whether to skip verification of the server certificate when using TLS.
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    tls bool
    Specifies whether to use TLS when connecting to Couchbase.
    username_template str
    Template describing how dynamic usernames are generated.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    hosts List<String>
    A set of Couchbase URIs to connect to. Must use couchbases:// scheme if tls is true.
    name String
    Name of the database connection.
    password String
    Specifies the password corresponding to the given username.
    username String
    Specifies the username for Vault to use.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    base64Pem String
    Required if tls is true. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
    bucketName String
    Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls Boolean
    Specifies whether to skip verification of the server certificate when using TLS.
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tls Boolean
    Specifies whether to use TLS when connecting to Couchbase.
    usernameTemplate String
    Template describing how dynamic usernames are generated.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountElasticsearch, SecretsMountElasticsearchArgs

    Name string
    Name of the database connection.
    Password string
    The password to be used in the connection URL
    Url string
    The URL for Elasticsearch's API
    Username string
    The username to be used in the connection URL
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    CaCert string
    The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
    CaPath string
    The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
    ClientCert string
    The path to the certificate for the Elasticsearch client to present for communication
    ClientKey string
    The path to the key for the Elasticsearch client to use for communication
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    Insecure bool
    Whether to disable certificate verification
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    TlsServerName string
    This, if set, is used to set the SNI host when connecting via TLS
    UsernameTemplate string
    Template describing how dynamic usernames are generated.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    Password string
    The password to be used in the connection URL
    Url string
    The URL for Elasticsearch's API
    Username string
    The username to be used in the connection URL
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    CaCert string
    The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
    CaPath string
    The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
    ClientCert string
    The path to the certificate for the Elasticsearch client to present for communication
    ClientKey string
    The path to the key for the Elasticsearch client to use for communication
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    Insecure bool
    Whether to disable certificate verification
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    TlsServerName string
    This, if set, is used to set the SNI host when connecting via TLS
    UsernameTemplate string
    Template describing how dynamic usernames are generated.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    password String
    The password to be used in the connection URL
    url String
    The URL for Elasticsearch's API
    username String
    The username to be used in the connection URL
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    caCert String
    The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
    caPath String
    The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
    clientCert String
    The path to the certificate for the Elasticsearch client to present for communication
    clientKey String
    The path to the key for the Elasticsearch client to use for communication
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecure Boolean
    Whether to disable certificate verification
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tlsServerName String
    This, if set, is used to set the SNI host when connecting via TLS
    usernameTemplate String
    Template describing how dynamic usernames are generated.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    password string
    The password to be used in the connection URL
    url string
    The URL for Elasticsearch's API
    username string
    The username to be used in the connection URL
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    caCert string
    The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
    caPath string
    The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
    clientCert string
    The path to the certificate for the Elasticsearch client to present for communication
    clientKey string
    The path to the key for the Elasticsearch client to use for communication
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecure boolean
    Whether to disable certificate verification
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    tlsServerName string
    This, if set, is used to set the SNI host when connecting via TLS
    usernameTemplate string
    Template describing how dynamic usernames are generated.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    password str
    The password to be used in the connection URL
    url str
    The URL for Elasticsearch's API
    username str
    The username to be used in the connection URL
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    ca_cert str
    The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
    ca_path str
    The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
    client_cert str
    The path to the certificate for the Elasticsearch client to present for communication
    client_key str
    The path to the key for the Elasticsearch client to use for communication
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecure bool
    Whether to disable certificate verification
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    tls_server_name str
    This, if set, is used to set the SNI host when connecting via TLS
    username_template str
    Template describing how dynamic usernames are generated.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    password String
    The password to be used in the connection URL
    url String
    The URL for Elasticsearch's API
    username String
    The username to be used in the connection URL
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    caCert String
    The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
    caPath String
    The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
    clientCert String
    The path to the certificate for the Elasticsearch client to present for communication
    clientKey String
    The path to the key for the Elasticsearch client to use for communication
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecure Boolean
    Whether to disable certificate verification
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tlsServerName String
    This, if set, is used to set the SNI host when connecting via TLS
    usernameTemplate String
    Template describing how dynamic usernames are generated.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountHana, SecretsMountHanaArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping boolean
    Disable special character escaping in username and password
    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    username string
    The root credential username used in the connection URL
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disable_escaping bool
    Disable special character escaping in username and password
    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    username str
    The root credential username used in the connection URL
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountInfluxdb, SecretsMountInfluxdbArgs

    Host string
    Influxdb host to connect to.
    Name string
    Name of the database connection.
    Password string
    Specifies the password corresponding to the given username.
    Username string
    Specifies the username to use for superuser access.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectTimeout int
    The number of seconds to use as a connection timeout.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    InsecureTls bool
    Whether to skip verification of the server certificate when using TLS.
    PemBundle string
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PemJson string
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PluginName string
    Specifies the name of the plugin to use.
    Port int
    The transport port to use to connect to Influxdb.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Tls bool
    Whether to use TLS when connecting to Influxdb.
    UsernameTemplate string
    Template describing how dynamic usernames are generated.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Host string
    Influxdb host to connect to.
    Name string
    Name of the database connection.
    Password string
    Specifies the password corresponding to the given username.
    Username string
    Specifies the username to use for superuser access.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectTimeout int
    The number of seconds to use as a connection timeout.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    InsecureTls bool
    Whether to skip verification of the server certificate when using TLS.
    PemBundle string
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PemJson string
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    PluginName string
    Specifies the name of the plugin to use.
    Port int
    The transport port to use to connect to Influxdb.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Tls bool
    Whether to use TLS when connecting to Influxdb.
    UsernameTemplate string
    Template describing how dynamic usernames are generated.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    host String
    Influxdb host to connect to.
    name String
    Name of the database connection.
    password String
    Specifies the password corresponding to the given username.
    username String
    Specifies the username to use for superuser access.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectTimeout Integer
    The number of seconds to use as a connection timeout.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls Boolean
    Whether to skip verification of the server certificate when using TLS.
    pemBundle String
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pemJson String
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pluginName String
    Specifies the name of the plugin to use.
    port Integer
    The transport port to use to connect to Influxdb.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tls Boolean
    Whether to use TLS when connecting to Influxdb.
    usernameTemplate String
    Template describing how dynamic usernames are generated.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    host string
    Influxdb host to connect to.
    name string
    Name of the database connection.
    password string
    Specifies the password corresponding to the given username.
    username string
    Specifies the username to use for superuser access.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectTimeout number
    The number of seconds to use as a connection timeout.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls boolean
    Whether to skip verification of the server certificate when using TLS.
    pemBundle string
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pemJson string
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pluginName string
    Specifies the name of the plugin to use.
    port number
    The transport port to use to connect to Influxdb.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    tls boolean
    Whether to use TLS when connecting to Influxdb.
    usernameTemplate string
    Template describing how dynamic usernames are generated.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    host str
    Influxdb host to connect to.
    name str
    Name of the database connection.
    password str
    Specifies the password corresponding to the given username.
    username str
    Specifies the username to use for superuser access.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connect_timeout int
    The number of seconds to use as a connection timeout.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecure_tls bool
    Whether to skip verification of the server certificate when using TLS.
    pem_bundle str
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pem_json str
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    plugin_name str
    Specifies the name of the plugin to use.
    port int
    The transport port to use to connect to Influxdb.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    tls bool
    Whether to use TLS when connecting to Influxdb.
    username_template str
    Template describing how dynamic usernames are generated.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    host String
    Influxdb host to connect to.
    name String
    Name of the database connection.
    password String
    Specifies the password corresponding to the given username.
    username String
    Specifies the username to use for superuser access.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectTimeout Number
    The number of seconds to use as a connection timeout.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls Boolean
    Whether to skip verification of the server certificate when using TLS.
    pemBundle String
    Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pemJson String
    Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
    pluginName String
    Specifies the name of the plugin to use.
    port Number
    The transport port to use to connect to Influxdb.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tls Boolean
    Whether to use TLS when connecting to Influxdb.
    usernameTemplate String
    Template describing how dynamic usernames are generated.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountMongodb, SecretsMountMongodbArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountMongodbatla, SecretsMountMongodbatlaArgs

    Name string
    Name of the database connection.
    PrivateKey string
    The Private Programmatic API Key used to connect with MongoDB Atlas API.
    ProjectId string
    The Project ID the Database User should be created within.
    PublicKey string
    The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    PrivateKey string
    The Private Programmatic API Key used to connect with MongoDB Atlas API.
    ProjectId string
    The Project ID the Database User should be created within.
    PublicKey string
    The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    privateKey String
    The Private Programmatic API Key used to connect with MongoDB Atlas API.
    projectId String
    The Project ID the Database User should be created within.
    publicKey String
    The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    privateKey string
    The Private Programmatic API Key used to connect with MongoDB Atlas API.
    projectId string
    The Project ID the Database User should be created within.
    publicKey string
    The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    private_key str
    The Private Programmatic API Key used to connect with MongoDB Atlas API.
    project_id str
    The Project ID the Database User should be created within.
    public_key str
    The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    privateKey String
    The Private Programmatic API Key used to connect with MongoDB Atlas API.
    projectId String
    The Project ID the Database User should be created within.
    publicKey String
    The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountMssql, SecretsMountMssqlArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    ContainedDb bool
    Set to true when the target is a Contained Database, e.g. AzureSQL.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    ContainedDb bool
    Set to true when the target is a Contained Database, e.g. AzureSQL.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    containedDb Boolean
    Set to true when the target is a Contained Database, e.g. AzureSQL.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectionUrl string
    Connection string to use to connect to the database.
    containedDb boolean
    Set to true when the target is a Contained Database, e.g. AzureSQL.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping boolean
    Disable special character escaping in username and password
    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connection_url str
    Connection string to use to connect to the database.
    contained_db bool
    Set to true when the target is a Contained Database, e.g. AzureSQL.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disable_escaping bool
    Disable special character escaping in username and password
    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    containedDb Boolean
    Set to true when the target is a Contained Database, e.g. AzureSQL.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountMysql, SecretsMountMysqlArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    authType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson string
    A JSON encoded credential for use with IAM authorization
    tlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    auth_type str
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    service_account_json str
    A JSON encoded credential for use with IAM authorization
    tls_ca str
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tls_certificate_key str
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountMysqlAurora, SecretsMountMysqlAuroraArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    authType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson string
    A JSON encoded credential for use with IAM authorization
    tlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    auth_type str
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    service_account_json str
    A JSON encoded credential for use with IAM authorization
    tls_ca str
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tls_certificate_key str
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountMysqlLegacy, SecretsMountMysqlLegacyArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    authType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson string
    A JSON encoded credential for use with IAM authorization
    tlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    auth_type str
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    service_account_json str
    A JSON encoded credential for use with IAM authorization
    tls_ca str
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tls_certificate_key str
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountMysqlRd, SecretsMountMysqlRdArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    TlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    authType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson string
    A JSON encoded credential for use with IAM authorization
    tlsCa string
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey string
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    auth_type str
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    service_account_json str
    A JSON encoded credential for use with IAM authorization
    tls_ca str
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tls_certificate_key str
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
    tlsCertificateKey String
    x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountOracle, SecretsMountOracleArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisconnectSessions bool
    Set to true to disconnect any open sessions prior to running the revocation statements.
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    SplitStatements bool
    Set to true in order to split statements after semi-colons.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisconnectSessions bool
    Set to true to disconnect any open sessions prior to running the revocation statements.
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    SplitStatements bool
    Set to true in order to split statements after semi-colons.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disconnectSessions Boolean
    Set to true to disconnect any open sessions prior to running the revocation statements.
    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    splitStatements Boolean
    Set to true in order to split statements after semi-colons.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disconnectSessions boolean
    Set to true to disconnect any open sessions prior to running the revocation statements.
    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    splitStatements boolean
    Set to true in order to split statements after semi-colons.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disconnect_sessions bool
    Set to true to disconnect any open sessions prior to running the revocation statements.
    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    split_statements bool
    Set to true in order to split statements after semi-colons.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disconnectSessions Boolean
    Set to true to disconnect any open sessions prior to running the revocation statements.
    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    splitStatements Boolean
    Set to true in order to split statements after semi-colons.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountPostgresql, SecretsMountPostgresqlArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    PrivateKey string
    The secret key used for the x509 client certificate. Must be PEM encoded.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    SelfManaged bool
    If set, allows onboarding static roles with a rootless connection configuration.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
    TlsCertificate string
    The x509 client certificate for connecting to the database. Must be PEM encoded.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    AuthType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    PrivateKey string
    The secret key used for the x509 client certificate. Must be PEM encoded.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    SelfManaged bool
    If set, allows onboarding static roles with a rootless connection configuration.
    ServiceAccountJson string
    A JSON encoded credential for use with IAM authorization
    TlsCa string
    The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
    TlsCertificate string
    The x509 client certificate for connecting to the database. Must be PEM encoded.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    privateKey String
    The secret key used for the x509 client certificate. Must be PEM encoded.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    selfManaged Boolean
    If set, allows onboarding static roles with a rootless connection configuration.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
    tlsCertificate String
    The x509 client certificate for connecting to the database. Must be PEM encoded.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    authType string
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping boolean
    Disable special character escaping in username and password
    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    privateKey string
    The secret key used for the x509 client certificate. Must be PEM encoded.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    selfManaged boolean
    If set, allows onboarding static roles with a rootless connection configuration.
    serviceAccountJson string
    A JSON encoded credential for use with IAM authorization
    tlsCa string
    The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
    tlsCertificate string
    The x509 client certificate for connecting to the database. Must be PEM encoded.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    auth_type str
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disable_escaping bool
    Disable special character escaping in username and password
    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    private_key str
    The secret key used for the x509 client certificate. Must be PEM encoded.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    self_managed bool
    If set, allows onboarding static roles with a rootless connection configuration.
    service_account_json str
    A JSON encoded credential for use with IAM authorization
    tls_ca str
    The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
    tls_certificate str
    The x509 client certificate for connecting to the database. Must be PEM encoded.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    authType String
    Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    privateKey String
    The secret key used for the x509 client certificate. Must be PEM encoded.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    selfManaged Boolean
    If set, allows onboarding static roles with a rootless connection configuration.
    serviceAccountJson String
    A JSON encoded credential for use with IAM authorization
    tlsCa String
    The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
    tlsCertificate String
    The x509 client certificate for connecting to the database. Must be PEM encoded.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountRedi, SecretsMountRediArgs

    Host string
    Specifies the host to connect to
    Name string
    Name of the database connection.
    Password string
    Specifies the password corresponding to the given username.
    Username string
    Specifies the username for Vault to use.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    CaCert string
    The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    InsecureTls bool
    Specifies whether to skip verification of the server certificate when using TLS.
    PluginName string
    Specifies the name of the plugin to use.
    Port int
    The transport port to use to connect to Redis.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Tls bool
    Specifies whether to use TLS when connecting to Redis.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Host string
    Specifies the host to connect to
    Name string
    Name of the database connection.
    Password string
    Specifies the password corresponding to the given username.
    Username string
    Specifies the username for Vault to use.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    CaCert string
    The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    InsecureTls bool
    Specifies whether to skip verification of the server certificate when using TLS.
    PluginName string
    Specifies the name of the plugin to use.
    Port int
    The transport port to use to connect to Redis.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Tls bool
    Specifies whether to use TLS when connecting to Redis.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    host String
    Specifies the host to connect to
    name String
    Name of the database connection.
    password String
    Specifies the password corresponding to the given username.
    username String
    Specifies the username for Vault to use.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    caCert String
    The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls Boolean
    Specifies whether to skip verification of the server certificate when using TLS.
    pluginName String
    Specifies the name of the plugin to use.
    port Integer
    The transport port to use to connect to Redis.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tls Boolean
    Specifies whether to use TLS when connecting to Redis.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    host string
    Specifies the host to connect to
    name string
    Name of the database connection.
    password string
    Specifies the password corresponding to the given username.
    username string
    Specifies the username for Vault to use.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    caCert string
    The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls boolean
    Specifies whether to skip verification of the server certificate when using TLS.
    pluginName string
    Specifies the name of the plugin to use.
    port number
    The transport port to use to connect to Redis.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    tls boolean
    Specifies whether to use TLS when connecting to Redis.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    host str
    Specifies the host to connect to
    name str
    Name of the database connection.
    password str
    Specifies the password corresponding to the given username.
    username str
    Specifies the username for Vault to use.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    ca_cert str
    The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecure_tls bool
    Specifies whether to skip verification of the server certificate when using TLS.
    plugin_name str
    Specifies the name of the plugin to use.
    port int
    The transport port to use to connect to Redis.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    tls bool
    Specifies whether to use TLS when connecting to Redis.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    host String
    Specifies the host to connect to
    name String
    Name of the database connection.
    password String
    Specifies the password corresponding to the given username.
    username String
    Specifies the username for Vault to use.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    caCert String
    The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    insecureTls Boolean
    Specifies whether to skip verification of the server certificate when using TLS.
    pluginName String
    Specifies the name of the plugin to use.
    port Number
    The transport port to use to connect to Redis.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    tls Boolean
    Specifies whether to use TLS when connecting to Redis.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountRedisElasticach, SecretsMountRedisElasticachArgs

    Name string
    Name of the database connection.
    Url string
    The configuration endpoint for the ElastiCache cluster to connect to.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    Password string
    The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    PluginName string
    Specifies the name of the plugin to use.
    Region string
    The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    Url string
    The configuration endpoint for the ElastiCache cluster to connect to.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    Password string
    The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    PluginName string
    Specifies the name of the plugin to use.
    Region string
    The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    url String
    The configuration endpoint for the ElastiCache cluster to connect to.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    password String
    The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    pluginName String
    Specifies the name of the plugin to use.
    region String
    The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    url string
    The configuration endpoint for the ElastiCache cluster to connect to.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    password string
    The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    pluginName string
    Specifies the name of the plugin to use.
    region string
    The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    username string
    The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    url str
    The configuration endpoint for the ElastiCache cluster to connect to.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    password str
    The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    plugin_name str
    Specifies the name of the plugin to use.
    region str
    The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    username str
    The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    url String
    The configuration endpoint for the ElastiCache cluster to connect to.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    password String
    The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    pluginName String
    Specifies the name of the plugin to use.
    region String
    The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountRedshift, SecretsMountRedshiftArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    DisableEscaping bool
    Disable special character escaping in username and password
    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping boolean
    Disable special character escaping in username and password
    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disable_escaping bool
    Disable special character escaping in username and password
    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    disableEscaping Boolean
    Disable special character escaping in username and password
    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    SecretsMountSnowflake, SecretsMountSnowflakeArgs

    Name string
    Name of the database connection.
    AllowedRoles List<string>
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data Dictionary<string, string>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements List<string>
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    Name string
    Name of the database connection.
    AllowedRoles []string
    A list of roles that are allowed to use this connection.
    ConnectionUrl string
    Connection string to use to connect to the database.
    Data map[string]string

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    MaxConnectionLifetime int
    Maximum number of seconds a connection may be reused.
    MaxIdleConnections int
    Maximum number of idle connections to the database.
    MaxOpenConnections int
    Maximum number of open connections to the database.
    Password string
    The root credential password used in the connection URL
    PluginName string
    Specifies the name of the plugin to use.
    RootRotationStatements []string
    A list of database statements to be executed to rotate the root user's credentials.
    Username string
    The root credential username used in the connection URL
    UsernameTemplate string
    Username generation template.
    VerifyConnection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String,String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Integer
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Integer
    Maximum number of idle connections to the database.
    maxOpenConnections Integer
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.
    name string
    Name of the database connection.
    allowedRoles string[]
    A list of roles that are allowed to use this connection.
    connectionUrl string
    Connection string to use to connect to the database.
    data {[key: string]: string}

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections number
    Maximum number of idle connections to the database.
    maxOpenConnections number
    Maximum number of open connections to the database.
    password string
    The root credential password used in the connection URL
    pluginName string
    Specifies the name of the plugin to use.
    rootRotationStatements string[]
    A list of database statements to be executed to rotate the root user's credentials.
    username string
    The root credential username used in the connection URL
    usernameTemplate string
    Username generation template.
    verifyConnection boolean
    Whether the connection should be verified on initial configuration or not.
    name str
    Name of the database connection.
    allowed_roles Sequence[str]
    A list of roles that are allowed to use this connection.
    connection_url str
    Connection string to use to connect to the database.
    data Mapping[str, str]

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    max_connection_lifetime int
    Maximum number of seconds a connection may be reused.
    max_idle_connections int
    Maximum number of idle connections to the database.
    max_open_connections int
    Maximum number of open connections to the database.
    password str
    The root credential password used in the connection URL
    plugin_name str
    Specifies the name of the plugin to use.
    root_rotation_statements Sequence[str]
    A list of database statements to be executed to rotate the root user's credentials.
    username str
    The root credential username used in the connection URL
    username_template str
    Username generation template.
    verify_connection bool
    Whether the connection should be verified on initial configuration or not.
    name String
    Name of the database connection.
    allowedRoles List<String>
    A list of roles that are allowed to use this connection.
    connectionUrl String
    Connection string to use to connect to the database.
    data Map<String>

    A map of sensitive data to pass to the endpoint. Useful for templated connection strings.

    Supported list of database secrets engines that can be configured:

    maxConnectionLifetime Number
    Maximum number of seconds a connection may be reused.
    maxIdleConnections Number
    Maximum number of idle connections to the database.
    maxOpenConnections Number
    Maximum number of open connections to the database.
    password String
    The root credential password used in the connection URL
    pluginName String
    Specifies the name of the plugin to use.
    rootRotationStatements List<String>
    A list of database statements to be executed to rotate the root user's credentials.
    username String
    The root credential username used in the connection URL
    usernameTemplate String
    Username generation template.
    verifyConnection Boolean
    Whether the connection should be verified on initial configuration or not.

    Import

    Database secret backend connections can be imported using the path e.g.

    $ pulumi import vault:database/secretsMount:SecretsMount db db
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Vault pulumi/pulumi-vault
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the vault Terraform Provider.
    vault logo
    HashiCorp Vault v6.4.0 published on Wednesday, Nov 20, 2024 by Pulumi