Auth
data class AuthBackendRoleTagArgs(val allowInstanceMigration: Output<Boolean>? = null, val backend: Output<String>? = null, val disallowReauthentication: Output<Boolean>? = null, val instanceId: Output<String>? = null, val maxTtl: Output<String>? = null, val namespace: Output<String>? = null, val policies: Output<List<String>>? = null, val role: Output<String>? = null) : ConvertibleToJava<AuthBackendRoleTagArgs>
Reads role tag information from an AWS auth backend in Vault.
Example Usage
resources:
aws:
type: vault:AuthBackend
properties:
path: '%s'
type: aws
role:
type: vault:aws:AuthBackendRole
properties:
backend: ${aws.path}
role: '%s'
authType: ec2
boundAccountId: '123456789012'
policies:
- dev
- prod
- qa
- test
roleTag: VaultRoleTag
test:
type: vault:aws:AuthBackendRoleTag
properties:
backend: ${aws.path}
role: ${role.role}
policies:
- prod
- dev
- test
maxTtl: 1h
instanceId: i-1234567Content copied to clipboard
Constructors
Link copied to clipboard
constructor(allowInstanceMigration: Output<Boolean>? = null, backend: Output<String>? = null, disallowReauthentication: Output<Boolean>? = null, instanceId: Output<String>? = null, maxTtl: Output<String>? = null, namespace: Output<String>? = null, policies: Output<List<String>>? = null, role: Output<String>? = null)
Properties
Link copied to clipboard
If set, allows migration of the underlying instances where the client resides. Use with caution.
Link copied to clipboard
If set, only allows a single token to be granted per instance ID.
Link copied to clipboard
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.