pulumi-vault-kotlin/com.pulumi.vault.aws.kotlin/AuthBackendRoleTag

AuthBackendRoleTag

class AuthBackendRoleTag : KotlinCustomResource

Reads role tag information from an AWS auth backend in Vault.

Example Usage

resources:
  aws:
    type: vault:AuthBackend
    properties:
      path: '%s'
      type: aws
  role:
    type: vault:aws:AuthBackendRole
    properties:
      backend: ${aws.path}
      role: '%s'
      authType: ec2
      boundAccountId: '123456789012'
      policies:
        - dev
        - prod
        - qa
        - test
      roleTag: VaultRoleTag
  test:
    type: vault:aws:AuthBackendRoleTag
    properties:
      backend: ${aws.path}
      role: ${role.role}
      policies:
        - prod
        - dev
        - test
      maxTtl: 1h
      instanceId: i-1234567

Properties

allowInstanceMigration

val allowInstanceMigration: Output<Boolean>?

If set, allows migration of the underlying instances where the client resides. Use with caution.

backend

val backend: Output<String>?

The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to "aws".

disallowReauthentication

val disallowReauthentication: Output<Boolean>?

If set, only allows a single token to be granted per instance ID.

val id: Output<String>

instanceId

val instanceId: Output<String>?

Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.

maxTtl

val maxTtl: Output<String>?

The maximum TTL of the tokens issued using this role.

namespace

val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

policies