pulumi-vault-kotlin/com.pulumi.vault.tokenauth.kotlin/AuthBackendRole

AuthBackendRole

class AuthBackendRole : KotlinCustomResource

Manages Token auth backend role in a Vault server. See the [Vault

documentation](https://www.vaultproject.io/docs/auth/token.html) for more information.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const example = new vault.tokenauth.AuthBackendRole("example", {
    roleName: "my-role",
    allowedPolicies: [
        "dev",
        "test",
    ],
    disallowedPolicies: ["default"],
    allowedEntityAliases: ["test_entity"],
    orphan: true,
    tokenPeriod: 86400,
    renewable: true,
    tokenExplicitMaxTtl: 115200,
    pathSuffix: "path-suffix",
});

import pulumi
import pulumi_vault as vault
example = vault.tokenauth.AuthBackendRole("example",
    role_name="my-role",
    allowed_policies=[
        "dev",
        "test",
    ],
    disallowed_policies=["default"],
    allowed_entity_aliases=["test_entity"],
    orphan=True,
    token_period=86400,
    renewable=True,
    token_explicit_max_ttl=115200,
    path_suffix="path-suffix")

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
    var example = new Vault.TokenAuth.AuthBackendRole("example", new()
    {
        RoleName = "my-role",
        AllowedPolicies = new[]
        {
            "dev",
            "test",
        },
        DisallowedPolicies = new[]
        {
            "default",
        },
        AllowedEntityAliases = new[]
        {
            "test_entity",
        },
        Orphan = true,
        TokenPeriod = 86400,
        Renewable = true,
        TokenExplicitMaxTtl = 115200,
        PathSuffix = "path-suffix",
    });
});

package main
import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/tokenauth"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := tokenauth.NewAuthBackendRole(ctx, "example", &tokenauth.AuthBackendRoleArgs{
			RoleName: pulumi.String("my-role"),
			AllowedPolicies: pulumi.StringArray{
				pulumi.String("dev"),
				pulumi.String("test"),
			},
			DisallowedPolicies: pulumi.StringArray{
				pulumi.String("default"),
			},
			AllowedEntityAliases: pulumi.StringArray{
				pulumi.String("test_entity"),
			},
			Orphan:              pulumi.Bool(true),
			TokenPeriod:         pulumi.Int(86400),
			Renewable:           pulumi.Bool(true),
			TokenExplicitMaxTtl: pulumi.Int(115200),
			PathSuffix:          pulumi.String("path-suffix"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.tokenauth.AuthBackendRole;
import com.pulumi.vault.tokenauth.AuthBackendRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new AuthBackendRole("example", AuthBackendRoleArgs.builder()
            .roleName("my-role")
            .allowedPolicies(
                "dev",
                "test")
            .disallowedPolicies("default")
            .allowedEntityAliases("test_entity")
            .orphan(true)
            .tokenPeriod("86400")
            .renewable(true)
            .tokenExplicitMaxTtl("115200")
            .pathSuffix("path-suffix")
            .build());
    }
}

resources:
  example:
    type: vault:tokenauth:AuthBackendRole
    properties:
      roleName: my-role
      allowedPolicies:
        - dev
        - test
      disallowedPolicies:
        - default
      allowedEntityAliases:
        - test_entity
      orphan: true
      tokenPeriod: '86400'
      renewable: true
      tokenExplicitMaxTtl: '115200'
      pathSuffix: path-suffix

Import

Token auth backend roles can be imported with auth/token/roles/ followed by the role_name, e.g.

$ pulumi import vault:tokenauth/authBackendRole:AuthBackendRole example auth/token/roles/my-role

Properties

allowedEntityAliases

val allowedEntityAliases: Output<List<String>>?

List of allowed entity aliases.

allowedPolicies

val allowedPolicies: Output<List<String>>?

List of allowed policies for given role.

allowedPoliciesGlobs

val allowedPoliciesGlobs: Output<List<String>>?

Set of allowed policies with glob match for given role.

disallowedPolicies

val disallowedPolicies: Output<List<String>>?

List of disallowed policies for given role.

disallowedPoliciesGlobs

val disallowedPoliciesGlobs: Output<List<String>>?

Set of disallowed policies with glob match for given role.

val id: Output<String>

namespace

val namespace: Output<String>?

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

orphan

val orphan: Output<Boolean>?

If true, tokens created against this policy will be orphan tokens.

pathSuffix

val pathSuffix: Output<String>?

Tokens created against this role will have the given suffix as part of their path in addition to the role name.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String