Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role vault_cert_auth_backend_role}.
import { certAuthBackendRole } from '@cdktf/provider-vault'
new certAuthBackendRole.CertAuthBackendRole(scope: Construct, id: string, config: CertAuthBackendRoleConfig)
Name | Type | Description |
---|---|---|
scope |
constructs.Construct |
The scope in which to define this construct. |
id |
string |
The scoped construct ID. |
config |
CertAuthBackendRoleConfig |
No description. |
- Type: constructs.Construct
The scope in which to define this construct.
- Type: string
The scoped construct ID.
Must be unique amongst siblings in the same scope
Name | Description |
---|---|
toString |
Returns a string representation of this construct. |
addOverride |
No description. |
overrideLogicalId |
Overrides the auto-generated logical ID with a specific ID. |
resetOverrideLogicalId |
Resets a previously passed logical Id to use the auto-generated logical id again. |
toHclTerraform |
No description. |
toMetadata |
No description. |
toTerraform |
Adds this resource to the terraform JSON output. |
addMoveTarget |
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move. |
getAnyMapAttribute |
No description. |
getBooleanAttribute |
No description. |
getBooleanMapAttribute |
No description. |
getListAttribute |
No description. |
getNumberAttribute |
No description. |
getNumberListAttribute |
No description. |
getNumberMapAttribute |
No description. |
getStringAttribute |
No description. |
getStringMapAttribute |
No description. |
hasResourceMove |
No description. |
importFrom |
No description. |
interpolationForAttribute |
No description. |
moveFromId |
Move the resource corresponding to "id" to this resource. |
moveTo |
Moves this resource to the target resource given by moveTarget. |
moveToId |
Moves this resource to the resource corresponding to "id". |
resetAllowedCommonNames |
No description. |
resetAllowedDnsSans |
No description. |
resetAllowedEmailSans |
No description. |
resetAllowedNames |
No description. |
resetAllowedOrganizationalUnits |
No description. |
resetAllowedUriSans |
No description. |
resetBackend |
No description. |
resetDisplayName |
No description. |
resetId |
No description. |
resetNamespace |
No description. |
resetOcspCaCertificates |
No description. |
resetOcspEnabled |
No description. |
resetOcspFailOpen |
No description. |
resetOcspQueryAllServers |
No description. |
resetOcspServersOverride |
No description. |
resetRequiredExtensions |
No description. |
resetTokenBoundCidrs |
No description. |
resetTokenExplicitMaxTtl |
No description. |
resetTokenMaxTtl |
No description. |
resetTokenNoDefaultPolicy |
No description. |
resetTokenNumUses |
No description. |
resetTokenPeriod |
No description. |
resetTokenPolicies |
No description. |
resetTokenTtl |
No description. |
resetTokenType |
No description. |
public toString(): string
Returns a string representation of this construct.
public addOverride(path: string, value: any): void
- Type: string
- Type: any
public overrideLogicalId(newLogicalId: string): void
Overrides the auto-generated logical ID with a specific ID.
- Type: string
The new logical ID to use for this stack element.
public resetOverrideLogicalId(): void
Resets a previously passed logical Id to use the auto-generated logical id again.
public toHclTerraform(): any
public toMetadata(): any
public toTerraform(): any
Adds this resource to the terraform JSON output.
public addMoveTarget(moveTarget: string): void
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
- Type: string
The string move target that will correspond to this resource.
public getAnyMapAttribute(terraformAttribute: string): {[ key: string ]: any}
- Type: string
public getBooleanAttribute(terraformAttribute: string): IResolvable
- Type: string
public getBooleanMapAttribute(terraformAttribute: string): {[ key: string ]: boolean}
- Type: string
public getListAttribute(terraformAttribute: string): string[]
- Type: string
public getNumberAttribute(terraformAttribute: string): number
- Type: string
public getNumberListAttribute(terraformAttribute: string): number[]
- Type: string
public getNumberMapAttribute(terraformAttribute: string): {[ key: string ]: number}
- Type: string
public getStringAttribute(terraformAttribute: string): string
- Type: string
public getStringMapAttribute(terraformAttribute: string): {[ key: string ]: string}
- Type: string
public hasResourceMove(): TerraformResourceMoveByTarget | TerraformResourceMoveById
public importFrom(id: string, provider?: TerraformProvider): void
- Type: string
- Type: cdktf.TerraformProvider
public interpolationForAttribute(terraformAttribute: string): IResolvable
- Type: string
public moveFromId(id: string): void
Move the resource corresponding to "id" to this resource.
Note that the resource being moved from must be marked as moved using it's instance function.
- Type: string
Full id of resource being moved from, e.g. "aws_s3_bucket.example".
public moveTo(moveTarget: string, index?: string | number): void
Moves this resource to the target resource given by moveTarget.
- Type: string
The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.
- Type: string | number
Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.
public moveToId(id: string): void
Moves this resource to the resource corresponding to "id".
- Type: string
Full id of resource to move to, e.g. "aws_s3_bucket.example".
public resetAllowedCommonNames(): void
public resetAllowedDnsSans(): void
public resetAllowedEmailSans(): void
public resetAllowedNames(): void
public resetAllowedOrganizationalUnits(): void
public resetAllowedUriSans(): void
public resetBackend(): void
public resetDisplayName(): void
public resetId(): void
public resetNamespace(): void
public resetOcspCaCertificates(): void
public resetOcspEnabled(): void
public resetOcspFailOpen(): void
public resetOcspQueryAllServers(): void
public resetOcspServersOverride(): void
public resetRequiredExtensions(): void
public resetTokenBoundCidrs(): void
public resetTokenExplicitMaxTtl(): void
public resetTokenMaxTtl(): void
public resetTokenNoDefaultPolicy(): void
public resetTokenNumUses(): void
public resetTokenPeriod(): void
public resetTokenPolicies(): void
public resetTokenTtl(): void
public resetTokenType(): void
Name | Description |
---|---|
isConstruct |
Checks if x is a construct. |
isTerraformElement |
No description. |
isTerraformResource |
No description. |
generateConfigForImport |
Generates CDKTF code for importing a CertAuthBackendRole resource upon running "cdktf plan ". |
import { certAuthBackendRole } from '@cdktf/provider-vault'
certAuthBackendRole.CertAuthBackendRole.isConstruct(x: any)
Checks if x
is a construct.
Use this method instead of instanceof
to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs
library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct
in each copy of the constructs
library
is seen as a different class, and an instance of one class will not test as
instanceof
the other class. npm install
will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof
will behave
unpredictably. It is safest to avoid using instanceof
, and using
this type-testing method instead.
- Type: any
Any object.
import { certAuthBackendRole } from '@cdktf/provider-vault'
certAuthBackendRole.CertAuthBackendRole.isTerraformElement(x: any)
- Type: any
import { certAuthBackendRole } from '@cdktf/provider-vault'
certAuthBackendRole.CertAuthBackendRole.isTerraformResource(x: any)
- Type: any
import { certAuthBackendRole } from '@cdktf/provider-vault'
certAuthBackendRole.CertAuthBackendRole.generateConfigForImport(scope: Construct, importToId: string, importFromId: string, provider?: TerraformProvider)
Generates CDKTF code for importing a CertAuthBackendRole resource upon running "cdktf plan ".
- Type: constructs.Construct
The scope in which to define this construct.
- Type: string
The construct id used in the generated config for the CertAuthBackendRole to import.
- Type: string
The id of the existing CertAuthBackendRole that should be imported.
Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#import import section} in the documentation of this resource for the id to use
- Type: cdktf.TerraformProvider
? Optional instance of the provider where the CertAuthBackendRole to import is found.
Name | Type | Description |
---|---|---|
node |
constructs.Node |
The tree node. |
cdktfStack |
cdktf.TerraformStack |
No description. |
fqn |
string |
No description. |
friendlyUniqueId |
string |
No description. |
terraformMetaArguments |
{[ key: string ]: any} |
No description. |
terraformResourceType |
string |
No description. |
terraformGeneratorMetadata |
cdktf.TerraformProviderGeneratorMetadata |
No description. |
connection |
cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection |
No description. |
count |
number | cdktf.TerraformCount |
No description. |
dependsOn |
string[] |
No description. |
forEach |
cdktf.ITerraformIterator |
No description. |
lifecycle |
cdktf.TerraformResourceLifecycle |
No description. |
provider |
cdktf.TerraformProvider |
No description. |
provisioners |
cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[] |
No description. |
allowedCommonNamesInput |
string[] |
No description. |
allowedDnsSansInput |
string[] |
No description. |
allowedEmailSansInput |
string[] |
No description. |
allowedNamesInput |
string[] |
No description. |
allowedOrganizationalUnitsInput |
string[] |
No description. |
allowedUriSansInput |
string[] |
No description. |
backendInput |
string |
No description. |
certificateInput |
string |
No description. |
displayNameInput |
string |
No description. |
idInput |
string |
No description. |
nameInput |
string |
No description. |
namespaceInput |
string |
No description. |
ocspCaCertificatesInput |
string |
No description. |
ocspEnabledInput |
boolean | cdktf.IResolvable |
No description. |
ocspFailOpenInput |
boolean | cdktf.IResolvable |
No description. |
ocspQueryAllServersInput |
boolean | cdktf.IResolvable |
No description. |
ocspServersOverrideInput |
string[] |
No description. |
requiredExtensionsInput |
string[] |
No description. |
tokenBoundCidrsInput |
string[] |
No description. |
tokenExplicitMaxTtlInput |
number |
No description. |
tokenMaxTtlInput |
number |
No description. |
tokenNoDefaultPolicyInput |
boolean | cdktf.IResolvable |
No description. |
tokenNumUsesInput |
number |
No description. |
tokenPeriodInput |
number |
No description. |
tokenPoliciesInput |
string[] |
No description. |
tokenTtlInput |
number |
No description. |
tokenTypeInput |
string |
No description. |
allowedCommonNames |
string[] |
No description. |
allowedDnsSans |
string[] |
No description. |
allowedEmailSans |
string[] |
No description. |
allowedNames |
string[] |
No description. |
allowedOrganizationalUnits |
string[] |
No description. |
allowedUriSans |
string[] |
No description. |
backend |
string |
No description. |
certificate |
string |
No description. |
displayName |
string |
No description. |
id |
string |
No description. |
name |
string |
No description. |
namespace |
string |
No description. |
ocspCaCertificates |
string |
No description. |
ocspEnabled |
boolean | cdktf.IResolvable |
No description. |
ocspFailOpen |
boolean | cdktf.IResolvable |
No description. |
ocspQueryAllServers |
boolean | cdktf.IResolvable |
No description. |
ocspServersOverride |
string[] |
No description. |
requiredExtensions |
string[] |
No description. |
tokenBoundCidrs |
string[] |
No description. |
tokenExplicitMaxTtl |
number |
No description. |
tokenMaxTtl |
number |
No description. |
tokenNoDefaultPolicy |
boolean | cdktf.IResolvable |
No description. |
tokenNumUses |
number |
No description. |
tokenPeriod |
number |
No description. |
tokenPolicies |
string[] |
No description. |
tokenTtl |
number |
No description. |
tokenType |
string |
No description. |
public readonly node: Node;
- Type: constructs.Node
The tree node.
public readonly cdktfStack: TerraformStack;
- Type: cdktf.TerraformStack
public readonly fqn: string;
- Type: string
public readonly friendlyUniqueId: string;
- Type: string
public readonly terraformMetaArguments: {[ key: string ]: any};
- Type: {[ key: string ]: any}
public readonly terraformResourceType: string;
- Type: string
public readonly terraformGeneratorMetadata: TerraformProviderGeneratorMetadata;
- Type: cdktf.TerraformProviderGeneratorMetadata
public readonly connection: SSHProvisionerConnection | WinrmProvisionerConnection;
- Type: cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection
public readonly count: number | TerraformCount;
- Type: number | cdktf.TerraformCount
public readonly dependsOn: string[];
- Type: string[]
public readonly forEach: ITerraformIterator;
- Type: cdktf.ITerraformIterator
public readonly lifecycle: TerraformResourceLifecycle;
- Type: cdktf.TerraformResourceLifecycle
public readonly provider: TerraformProvider;
- Type: cdktf.TerraformProvider
public readonly provisioners: FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner[];
- Type: cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]
public readonly allowedCommonNamesInput: string[];
- Type: string[]
public readonly allowedDnsSansInput: string[];
- Type: string[]
public readonly allowedEmailSansInput: string[];
- Type: string[]
public readonly allowedNamesInput: string[];
- Type: string[]
public readonly allowedOrganizationalUnitsInput: string[];
- Type: string[]
public readonly allowedUriSansInput: string[];
- Type: string[]
public readonly backendInput: string;
- Type: string
public readonly certificateInput: string;
- Type: string
public readonly displayNameInput: string;
- Type: string
public readonly idInput: string;
- Type: string
public readonly nameInput: string;
- Type: string
public readonly namespaceInput: string;
- Type: string
public readonly ocspCaCertificatesInput: string;
- Type: string
public readonly ocspEnabledInput: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly ocspFailOpenInput: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly ocspQueryAllServersInput: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly ocspServersOverrideInput: string[];
- Type: string[]
public readonly requiredExtensionsInput: string[];
- Type: string[]
public readonly tokenBoundCidrsInput: string[];
- Type: string[]
public readonly tokenExplicitMaxTtlInput: number;
- Type: number
public readonly tokenMaxTtlInput: number;
- Type: number
public readonly tokenNoDefaultPolicyInput: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly tokenNumUsesInput: number;
- Type: number
public readonly tokenPeriodInput: number;
- Type: number
public readonly tokenPoliciesInput: string[];
- Type: string[]
public readonly tokenTtlInput: number;
- Type: number
public readonly tokenTypeInput: string;
- Type: string
public readonly allowedCommonNames: string[];
- Type: string[]
public readonly allowedDnsSans: string[];
- Type: string[]
public readonly allowedEmailSans: string[];
- Type: string[]
public readonly allowedNames: string[];
- Type: string[]
public readonly allowedOrganizationalUnits: string[];
- Type: string[]
public readonly allowedUriSans: string[];
- Type: string[]
public readonly backend: string;
- Type: string
public readonly certificate: string;
- Type: string
public readonly displayName: string;
- Type: string
public readonly id: string;
- Type: string
public readonly name: string;
- Type: string
public readonly namespace: string;
- Type: string
public readonly ocspCaCertificates: string;
- Type: string
public readonly ocspEnabled: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly ocspFailOpen: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly ocspQueryAllServers: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly ocspServersOverride: string[];
- Type: string[]
public readonly requiredExtensions: string[];
- Type: string[]
public readonly tokenBoundCidrs: string[];
- Type: string[]
public readonly tokenExplicitMaxTtl: number;
- Type: number
public readonly tokenMaxTtl: number;
- Type: number
public readonly tokenNoDefaultPolicy: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
public readonly tokenNumUses: number;
- Type: number
public readonly tokenPeriod: number;
- Type: number
public readonly tokenPolicies: string[];
- Type: string[]
public readonly tokenTtl: number;
- Type: number
public readonly tokenType: string;
- Type: string
Name | Type | Description |
---|---|---|
tfResourceType |
string |
No description. |
public readonly tfResourceType: string;
- Type: string
import { certAuthBackendRole } from '@cdktf/provider-vault'
const certAuthBackendRoleConfig: certAuthBackendRole.CertAuthBackendRoleConfig = { ... }
Name | Type | Description |
---|---|---|
connection |
cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection |
No description. |
count |
number | cdktf.TerraformCount |
No description. |
dependsOn |
cdktf.ITerraformDependable[] |
No description. |
forEach |
cdktf.ITerraformIterator |
No description. |
lifecycle |
cdktf.TerraformResourceLifecycle |
No description. |
provider |
cdktf.TerraformProvider |
No description. |
provisioners |
cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[] |
No description. |
certificate |
string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#certificate CertAuthBackendRole#certificate}. |
name |
string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#name CertAuthBackendRole#name}. |
allowedCommonNames |
string[] |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_common_names CertAuthBackendRole#allowed_common_names}. |
allowedDnsSans |
string[] |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_dns_sans CertAuthBackendRole#allowed_dns_sans}. |
allowedEmailSans |
string[] |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_email_sans CertAuthBackendRole#allowed_email_sans}. |
allowedNames |
string[] |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_names CertAuthBackendRole#allowed_names}. |
allowedOrganizationalUnits |
string[] |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_organizational_units CertAuthBackendRole#allowed_organizational_units}. |
allowedUriSans |
string[] |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_uri_sans CertAuthBackendRole#allowed_uri_sans}. |
backend |
string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#backend CertAuthBackendRole#backend}. |
displayName |
string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#display_name CertAuthBackendRole#display_name}. |
id |
string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#id CertAuthBackendRole#id}. |
namespace |
string |
Target namespace. (requires Enterprise). |
ocspCaCertificates |
string |
Any additional CA certificates needed to verify OCSP responses. Provided as base64 encoded PEM data. |
ocspEnabled |
boolean | cdktf.IResolvable |
If enabled, validate certificates' revocation status using OCSP. |
ocspFailOpen |
boolean | cdktf.IResolvable |
If true and an OCSP response cannot be fetched or is of an unknown status, the login will proceed as if the certificate has not been revoked. |
ocspQueryAllServers |
boolean | cdktf.IResolvable |
If set to true, rather than accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree. |
ocspServersOverride |
string[] |
A comma-separated list of OCSP server addresses. |
requiredExtensions |
string[] |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#required_extensions CertAuthBackendRole#required_extensions}. |
tokenBoundCidrs |
string[] |
Specifies the blocks of IP addresses which are allowed to use the generated token. |
tokenExplicitMaxTtl |
number |
Generated Token's Explicit Maximum TTL in seconds. |
tokenMaxTtl |
number |
The maximum lifetime of the generated token. |
tokenNoDefaultPolicy |
boolean | cdktf.IResolvable |
If true, the 'default' policy will not automatically be added to generated tokens. |
tokenNumUses |
number |
The maximum number of times a token may be used, a value of zero means unlimited. |
tokenPeriod |
number |
Generated Token's Period. |
tokenPolicies |
string[] |
Generated Token's Policies. |
tokenTtl |
number |
The initial ttl of the token to generate in seconds. |
tokenType |
string |
The type of token to generate, service or batch. |
public readonly connection: SSHProvisionerConnection | WinrmProvisionerConnection;
- Type: cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection
public readonly count: number | TerraformCount;
- Type: number | cdktf.TerraformCount
public readonly dependsOn: ITerraformDependable[];
- Type: cdktf.ITerraformDependable[]
public readonly forEach: ITerraformIterator;
- Type: cdktf.ITerraformIterator
public readonly lifecycle: TerraformResourceLifecycle;
- Type: cdktf.TerraformResourceLifecycle
public readonly provider: TerraformProvider;
- Type: cdktf.TerraformProvider
public readonly provisioners: FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner[];
- Type: cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]
public readonly certificate: string;
- Type: string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#certificate CertAuthBackendRole#certificate}.
public readonly name: string;
- Type: string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#name CertAuthBackendRole#name}.
public readonly allowedCommonNames: string[];
- Type: string[]
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_common_names CertAuthBackendRole#allowed_common_names}.
public readonly allowedDnsSans: string[];
- Type: string[]
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_dns_sans CertAuthBackendRole#allowed_dns_sans}.
public readonly allowedEmailSans: string[];
- Type: string[]
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_email_sans CertAuthBackendRole#allowed_email_sans}.
public readonly allowedNames: string[];
- Type: string[]
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_names CertAuthBackendRole#allowed_names}.
public readonly allowedOrganizationalUnits: string[];
- Type: string[]
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_organizational_units CertAuthBackendRole#allowed_organizational_units}.
public readonly allowedUriSans: string[];
- Type: string[]
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#allowed_uri_sans CertAuthBackendRole#allowed_uri_sans}.
public readonly backend: string;
- Type: string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#backend CertAuthBackendRole#backend}.
public readonly displayName: string;
- Type: string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#display_name CertAuthBackendRole#display_name}.
public readonly id: string;
- Type: string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#id CertAuthBackendRole#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
public readonly namespace: string;
- Type: string
Target namespace. (requires Enterprise).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#namespace CertAuthBackendRole#namespace}
public readonly ocspCaCertificates: string;
- Type: string
Any additional CA certificates needed to verify OCSP responses. Provided as base64 encoded PEM data.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#ocsp_ca_certificates CertAuthBackendRole#ocsp_ca_certificates}
public readonly ocspEnabled: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
If enabled, validate certificates' revocation status using OCSP.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#ocsp_enabled CertAuthBackendRole#ocsp_enabled}
public readonly ocspFailOpen: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
If true and an OCSP response cannot be fetched or is of an unknown status, the login will proceed as if the certificate has not been revoked.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#ocsp_fail_open CertAuthBackendRole#ocsp_fail_open}
public readonly ocspQueryAllServers: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
If set to true, rather than accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#ocsp_query_all_servers CertAuthBackendRole#ocsp_query_all_servers}
public readonly ocspServersOverride: string[];
- Type: string[]
A comma-separated list of OCSP server addresses.
If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#ocsp_servers_override CertAuthBackendRole#ocsp_servers_override}
public readonly requiredExtensions: string[];
- Type: string[]
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#required_extensions CertAuthBackendRole#required_extensions}.
public readonly tokenBoundCidrs: string[];
- Type: string[]
Specifies the blocks of IP addresses which are allowed to use the generated token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_bound_cidrs CertAuthBackendRole#token_bound_cidrs}
public readonly tokenExplicitMaxTtl: number;
- Type: number
Generated Token's Explicit Maximum TTL in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_explicit_max_ttl CertAuthBackendRole#token_explicit_max_ttl}
public readonly tokenMaxTtl: number;
- Type: number
The maximum lifetime of the generated token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_max_ttl CertAuthBackendRole#token_max_ttl}
public readonly tokenNoDefaultPolicy: boolean | IResolvable;
- Type: boolean | cdktf.IResolvable
If true, the 'default' policy will not automatically be added to generated tokens.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_no_default_policy CertAuthBackendRole#token_no_default_policy}
public readonly tokenNumUses: number;
- Type: number
The maximum number of times a token may be used, a value of zero means unlimited.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_num_uses CertAuthBackendRole#token_num_uses}
public readonly tokenPeriod: number;
- Type: number
Generated Token's Period.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_period CertAuthBackendRole#token_period}
public readonly tokenPolicies: string[];
- Type: string[]
Generated Token's Policies.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_policies CertAuthBackendRole#token_policies}
public readonly tokenTtl: number;
- Type: number
The initial ttl of the token to generate in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_ttl CertAuthBackendRole#token_ttl}
public readonly tokenType: string;
- Type: string
The type of token to generate, service or batch.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/cert_auth_backend_role#token_type CertAuthBackendRole#token_type}