Token
data class TokenArgs(val displayName: Output<String>? = null, val explicitMaxTtl: Output<String>? = null, val metadata: Output<Map<String, String>>? = null, val namespace: Output<String>? = null, val noDefaultPolicy: Output<Boolean>? = null, val noParent: Output<Boolean>? = null, val numUses: Output<Int>? = null, val period: Output<String>? = null, val policies: Output<List<String>>? = null, val renewIncrement: Output<Int>? = null, val renewMinLease: Output<Int>? = null, val renewable: Output<Boolean>? = null, val roleName: Output<String>? = null, val ttl: Output<String>? = null, val wrappingTtl: Output<String>? = null) : ConvertibleToJava<TokenArgs>
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const example = new vault.Token("example", {
roleName: "app",
policies: [
"policy1",
"policy2",
],
renewable: true,
ttl: "24h",
renewMinLease: 43200,
renewIncrement: 86400,
metadata: {
purpose: "service-account",
},
});Content copied to clipboard
import pulumi
import pulumi_vault as vault
example = vault.Token("example",
role_name="app",
policies=[
"policy1",
"policy2",
],
renewable=True,
ttl="24h",
renew_min_lease=43200,
renew_increment=86400,
metadata={
"purpose": "service-account",
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var example = new Vault.Token("example", new()
{
RoleName = "app",
Policies = new[]
{
"policy1",
"policy2",
},
Renewable = true,
Ttl = "24h",
RenewMinLease = 43200,
RenewIncrement = 86400,
Metadata =
{
{ "purpose", "service-account" },
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := vault.NewToken(ctx, "example", &vault.TokenArgs{
RoleName: pulumi.String("app"),
Policies: pulumi.StringArray{
pulumi.String("policy1"),
pulumi.String("policy2"),
},
Renewable: pulumi.Bool(true),
Ttl: pulumi.String("24h"),
RenewMinLease: pulumi.Int(43200),
RenewIncrement: pulumi.Int(86400),
Metadata: pulumi.StringMap{
"purpose": pulumi.String("service-account"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Token;
import com.pulumi.vault.TokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Token("example", TokenArgs.builder()
.roleName("app")
.policies(
"policy1",
"policy2")
.renewable(true)
.ttl("24h")
.renewMinLease(43200)
.renewIncrement(86400)
.metadata(Map.of("purpose", "service-account"))
.build());
}
}Content copied to clipboard
resources:
example:
type: vault:Token
properties:
roleName: app
policies:
- policy1
- policy2
renewable: true
ttl: 24h
renewMinLease: 43200
renewIncrement: 86400
metadata:
purpose: service-accountContent copied to clipboard
Import
Tokens can be imported using its id as accessor id, e.g.
$ pulumi import vault:index/token:Token example <accessor_id>Content copied to clipboard
Constructors
Link copied to clipboard
constructor(displayName: Output<String>? = null, explicitMaxTtl: Output<String>? = null, metadata: Output<Map<String, String>>? = null, namespace: Output<String>? = null, noDefaultPolicy: Output<Boolean>? = null, noParent: Output<Boolean>? = null, numUses: Output<Int>? = null, period: Output<String>? = null, policies: Output<List<String>>? = null, renewIncrement: Output<Int>? = null, renewMinLease: Output<Int>? = null, renewable: Output<Boolean>? = null, roleName: Output<String>? = null, ttl: Output<String>? = null, wrappingTtl: Output<String>? = null)
Properties
Link copied to clipboard
String containing the token display name
Link copied to clipboard
The explicit max TTL of this token. This is specified as a numeric string with suffix like "30s" ro "5m"
Link copied to clipboard
Flag to not attach the default policy to this token
Link copied to clipboard
The renew increment. This is specified in seconds
Link copied to clipboard
The minimal lease to renew this token
Link copied to clipboard
The TTL period of the wrapped token.