approleAuthBackendRole.python.md

approleAuthBackendRole Submodule

Constructs

ApproleAuthBackendRole

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role vault_approle_auth_backend_role}.

Initializers

from cdktf_cdktf_provider_vault import approle_auth_backend_role

approleAuthBackendRole.ApproleAuthBackendRole(
  scope: Construct,
  id: str,
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  role_name: str,
  backend: str = None,
  bind_secret_id: typing.Union[bool, IResolvable] = None,
  id: str = None,
  namespace: str = None,
  role_id: str = None,
  secret_id_bound_cidrs: typing.List[str] = None,
  secret_id_num_uses: typing.Union[int, float] = None,
  secret_id_ttl: typing.Union[int, float] = None,
  token_bound_cidrs: typing.List[str] = None,
  token_explicit_max_ttl: typing.Union[int, float] = None,
  token_max_ttl: typing.Union[int, float] = None,
  token_no_default_policy: typing.Union[bool, IResolvable] = None,
  token_num_uses: typing.Union[int, float] = None,
  token_period: typing.Union[int, float] = None,
  token_policies: typing.List[str] = None,
  token_ttl: typing.Union[int, float] = None,
  token_type: str = None
)

Name	Type	Description
scope	constructs.Construct	The scope in which to define this construct.
id	str	The scoped construct ID.
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[cdktf.ITerraformDependable]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
role_name	str	Name of the role.
backend	str	Unique name of the auth backend to configure.
bind_secret_id	typing.Union[bool, cdktf.IResolvable]	Whether or not to require secret_id to be present when logging in using this AppRole.
id	str	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#id ApproleAuthBackendRole#id}.
namespace	str	Target namespace. (requires Enterprise).
role_id	str	The RoleID of the role. Autogenerated if not set.
secret_id_bound_cidrs	typing.List[str]	List of CIDR blocks that can log in using the AppRole.
secret_id_num_uses	typing.Union[int, float]	Number of times which a particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire.
secret_id_ttl	typing.Union[int, float]	Number of seconds a SecretID remains valid for.
token_bound_cidrs	typing.List[str]	Specifies the blocks of IP addresses which are allowed to use the generated token.
token_explicit_max_ttl	typing.Union[int, float]	Generated Token's Explicit Maximum TTL in seconds.
token_max_ttl	typing.Union[int, float]	The maximum lifetime of the generated token.
token_no_default_policy	typing.Union[bool, cdktf.IResolvable]	If true, the 'default' policy will not automatically be added to generated tokens.
token_num_uses	typing.Union[int, float]	The maximum number of times a token may be used, a value of zero means unlimited.
token_period	typing.Union[int, float]	Generated Token's Period.
token_policies	typing.List[str]	Generated Token's Policies.
token_ttl	typing.Union[int, float]	The initial ttl of the token to generate in seconds.
token_type	str	The type of token to generate, service or batch.

---

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: str

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

connection^Optional

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

• Type: typing.List[cdktf.ITerraformDependable]

---

for_each^Optional

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

• Type: cdktf.TerraformProvider

---

provisioners^Optional

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

role_name^Required

• Type: str

Name of the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#role_name ApproleAuthBackendRole#role_name}

---

backend^Optional

• Type: str

Unique name of the auth backend to configure.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#backend ApproleAuthBackendRole#backend}

---

bind_secret_id^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

Whether or not to require secret_id to be present when logging in using this AppRole.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#bind_secret_id ApproleAuthBackendRole#bind_secret_id}

---

id^Optional

• Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#id ApproleAuthBackendRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

namespace^Optional

• Type: str

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#namespace ApproleAuthBackendRole#namespace}

---

role_id^Optional

• Type: str

The RoleID of the role. Autogenerated if not set.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#role_id ApproleAuthBackendRole#role_id}

---

secret_id_bound_cidrs^Optional

• Type: typing.List[str]

List of CIDR blocks that can log in using the AppRole.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#secret_id_bound_cidrs ApproleAuthBackendRole#secret_id_bound_cidrs}

---

secret_id_num_uses^Optional

• Type: typing.Union[int, float]

Number of times which a particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire.

Leaving this unset or setting it to 0 will allow unlimited uses.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#secret_id_num_uses ApproleAuthBackendRole#secret_id_num_uses}

---

secret_id_ttl^Optional

• Type: typing.Union[int, float]

Number of seconds a SecretID remains valid for.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#secret_id_ttl ApproleAuthBackendRole#secret_id_ttl}

---

token_bound_cidrs^Optional

• Type: typing.List[str]

Specifies the blocks of IP addresses which are allowed to use the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_bound_cidrs ApproleAuthBackendRole#token_bound_cidrs}

---

token_explicit_max_ttl^Optional

• Type: typing.Union[int, float]

Generated Token's Explicit Maximum TTL in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_explicit_max_ttl ApproleAuthBackendRole#token_explicit_max_ttl}

---

token_max_ttl^Optional

• Type: typing.Union[int, float]

The maximum lifetime of the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_max_ttl ApproleAuthBackendRole#token_max_ttl}

---

token_no_default_policy^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

If true, the 'default' policy will not automatically be added to generated tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_no_default_policy ApproleAuthBackendRole#token_no_default_policy}

---

token_num_uses^Optional

• Type: typing.Union[int, float]

The maximum number of times a token may be used, a value of zero means unlimited.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_num_uses ApproleAuthBackendRole#token_num_uses}

---

token_period^Optional

• Type: typing.Union[int, float]

Generated Token's Period.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_period ApproleAuthBackendRole#token_period}

---

token_policies^Optional

• Type: typing.List[str]

Generated Token's Policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_policies ApproleAuthBackendRole#token_policies}

---

token_ttl^Optional

• Type: typing.Union[int, float]

The initial ttl of the token to generate in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_ttl ApproleAuthBackendRole#token_ttl}

---

token_type^Optional

• Type: str

The type of token to generate, service or batch.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_type ApproleAuthBackendRole#token_type}

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
add_override	No description.
override_logical_id	Overrides the auto-generated logical ID with a specific ID.
reset_override_logical_id	Resets a previously passed logical Id to use the auto-generated logical id again.
to_hcl_terraform	No description.
to_metadata	No description.
to_terraform	Adds this resource to the terraform JSON output.
add_move_target	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
get_any_map_attribute	No description.
get_boolean_attribute	No description.
get_boolean_map_attribute	No description.
get_list_attribute	No description.
get_number_attribute	No description.
get_number_list_attribute	No description.
get_number_map_attribute	No description.
get_string_attribute	No description.
get_string_map_attribute	No description.
has_resource_move	No description.
import_from	No description.
interpolation_for_attribute	No description.
move_from_id	Move the resource corresponding to "id" to this resource.
move_to	Moves this resource to the target resource given by moveTarget.
move_to_id	Moves this resource to the resource corresponding to "id".
reset_backend	No description.
reset_bind_secret_id	No description.
reset_id	No description.
reset_namespace	No description.
reset_role_id	No description.
reset_secret_id_bound_cidrs	No description.
reset_secret_id_num_uses	No description.
reset_secret_id_ttl	No description.
reset_token_bound_cidrs	No description.
reset_token_explicit_max_ttl	No description.
reset_token_max_ttl	No description.
reset_token_no_default_policy	No description.
reset_token_num_uses	No description.
reset_token_period	No description.
reset_token_policies	No description.
reset_token_ttl	No description.
reset_token_type	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

add_override

def add_override(
  path: str,
  value: typing.Any
) -> None

path^Required

• Type: str

---

value^Required

• Type: typing.Any

---

override_logical_id

def override_logical_id(
  new_logical_id: str
) -> None

Overrides the auto-generated logical ID with a specific ID.

new_logical_id^Required

• Type: str

The new logical ID to use for this stack element.

---

reset_override_logical_id

def reset_override_logical_id() -> None

Resets a previously passed logical Id to use the auto-generated logical id again.

to_hcl_terraform

def to_hcl_terraform() -> typing.Any

to_metadata

def to_metadata() -> typing.Any

to_terraform

def to_terraform() -> typing.Any

Adds this resource to the terraform JSON output.

add_move_target

def add_move_target(
  move_target: str
) -> None

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

move_target^Required

• Type: str

The string move target that will correspond to this resource.

---

get_any_map_attribute

def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]

terraform_attribute^Required

• Type: str

---

get_boolean_attribute

def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

get_boolean_map_attribute

def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]

terraform_attribute^Required

• Type: str

---

get_list_attribute

def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]

terraform_attribute^Required

• Type: str

---

get_number_attribute

def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]

terraform_attribute^Required

• Type: str

---

get_number_list_attribute

def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_number_map_attribute

def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_string_attribute

def get_string_attribute(
  terraform_attribute: str
) -> str

terraform_attribute^Required

• Type: str

---

get_string_map_attribute

def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]

terraform_attribute^Required

• Type: str

---

has_resource_move

def has_resource_move() -> typing.Union[TerraformResourceMoveByTarget, TerraformResourceMoveById]

import_from

def import_from(
  id: str,
  provider: TerraformProvider = None
) -> None

id^Required

• Type: str

---

provider^Optional

• Type: cdktf.TerraformProvider

---

interpolation_for_attribute

def interpolation_for_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

move_from_id

def move_from_id(
  id: str
) -> None

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

id^Required

• Type: str

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

---

move_to

def move_to(
  move_target: str,
  index: typing.Union[str, typing.Union[int, float]] = None
) -> None

Moves this resource to the target resource given by moveTarget.

move_target^Required

• Type: str

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

---

index^Optional

• Type: typing.Union[str, typing.Union[int, float]]

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

---

move_to_id

def move_to_id(
  id: str
) -> None

Moves this resource to the resource corresponding to "id".

id^Required

• Type: str

Full id of resource to move to, e.g. "aws_s3_bucket.example".

---

reset_backend

def reset_backend() -> None

reset_bind_secret_id

def reset_bind_secret_id() -> None

reset_id

def reset_id() -> None

reset_namespace

def reset_namespace() -> None

reset_role_id

def reset_role_id() -> None

reset_secret_id_bound_cidrs

def reset_secret_id_bound_cidrs() -> None

reset_secret_id_num_uses

def reset_secret_id_num_uses() -> None

reset_secret_id_ttl

def reset_secret_id_ttl() -> None

reset_token_bound_cidrs

def reset_token_bound_cidrs() -> None

reset_token_explicit_max_ttl

def reset_token_explicit_max_ttl() -> None

reset_token_max_ttl

def reset_token_max_ttl() -> None

reset_token_no_default_policy

def reset_token_no_default_policy() -> None

reset_token_num_uses

def reset_token_num_uses() -> None

reset_token_period

def reset_token_period() -> None

reset_token_policies

def reset_token_policies() -> None

reset_token_ttl

def reset_token_ttl() -> None

reset_token_type

def reset_token_type() -> None

Static Functions

Name	Description
is_construct	Checks if x is a construct.
is_terraform_element	No description.
is_terraform_resource	No description.
generate_config_for_import	Generates CDKTF code for importing a ApproleAuthBackendRole resource upon running "cdktf plan ".

---

is_construct

from cdktf_cdktf_provider_vault import approle_auth_backend_role

approleAuthBackendRole.ApproleAuthBackendRole.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

is_terraform_element

from cdktf_cdktf_provider_vault import approle_auth_backend_role

approleAuthBackendRole.ApproleAuthBackendRole.is_terraform_element(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

is_terraform_resource

from cdktf_cdktf_provider_vault import approle_auth_backend_role

approleAuthBackendRole.ApproleAuthBackendRole.is_terraform_resource(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

generate_config_for_import

from cdktf_cdktf_provider_vault import approle_auth_backend_role

approleAuthBackendRole.ApproleAuthBackendRole.generate_config_for_import(
  scope: Construct,
  import_to_id: str,
  import_from_id: str,
  provider: TerraformProvider = None
)

Generates CDKTF code for importing a ApproleAuthBackendRole resource upon running "cdktf plan ".

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

import_to_id^Required

• Type: str

The construct id used in the generated config for the ApproleAuthBackendRole to import.

---

import_from_id^Required

• Type: str

The id of the existing ApproleAuthBackendRole that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: cdktf.TerraformProvider

? Optional instance of the provider where the ApproleAuthBackendRole to import is found.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
cdktf_stack	cdktf.TerraformStack	No description.
fqn	str	No description.
friendly_unique_id	str	No description.
terraform_meta_arguments	typing.Mapping[typing.Any]	No description.
terraform_resource_type	str	No description.
terraform_generator_metadata	cdktf.TerraformProviderGeneratorMetadata	No description.
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[str]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
backend_input	str	No description.
bind_secret_id_input	typing.Union[bool, cdktf.IResolvable]	No description.
id_input	str	No description.
namespace_input	str	No description.
role_id_input	str	No description.
role_name_input	str	No description.
secret_id_bound_cidrs_input	typing.List[str]	No description.
secret_id_num_uses_input	typing.Union[int, float]	No description.
secret_id_ttl_input	typing.Union[int, float]	No description.
token_bound_cidrs_input	typing.List[str]	No description.
token_explicit_max_ttl_input	typing.Union[int, float]	No description.
token_max_ttl_input	typing.Union[int, float]	No description.
token_no_default_policy_input	typing.Union[bool, cdktf.IResolvable]	No description.
token_num_uses_input	typing.Union[int, float]	No description.
token_period_input	typing.Union[int, float]	No description.
token_policies_input	typing.List[str]	No description.
token_ttl_input	typing.Union[int, float]	No description.
token_type_input	str	No description.
backend	str	No description.
bind_secret_id	typing.Union[bool, cdktf.IResolvable]	No description.
id	str	No description.
namespace	str	No description.
role_id	str	No description.
role_name	str	No description.
secret_id_bound_cidrs	typing.List[str]	No description.
secret_id_num_uses	typing.Union[int, float]	No description.
secret_id_ttl	typing.Union[int, float]	No description.
token_bound_cidrs	typing.List[str]	No description.
token_explicit_max_ttl	typing.Union[int, float]	No description.
token_max_ttl	typing.Union[int, float]	No description.
token_no_default_policy	typing.Union[bool, cdktf.IResolvable]	No description.
token_num_uses	typing.Union[int, float]	No description.
token_period	typing.Union[int, float]	No description.
token_policies	typing.List[str]	No description.
token_ttl	typing.Union[int, float]	No description.
token_type	str	No description.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

cdktf_stack^Required

cdktf_stack: TerraformStack

• Type: cdktf.TerraformStack

---

fqn^Required

fqn: str

• Type: str

---

friendly_unique_id^Required

friendly_unique_id: str

• Type: str

---

terraform_meta_arguments^Required

terraform_meta_arguments: typing.Mapping[typing.Any]

• Type: typing.Mapping[typing.Any]

---

terraform_resource_type^Required

terraform_resource_type: str

• Type: str

---

terraform_generator_metadata^Optional

terraform_generator_metadata: TerraformProviderGeneratorMetadata

• Type: cdktf.TerraformProviderGeneratorMetadata

---

connection^Optional

connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

count: typing.Union[typing.Union[int, float], TerraformCount]

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

depends_on: typing.List[str]

• Type: typing.List[str]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktf.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

backend_input^Optional

backend_input: str

• Type: str

---

bind_secret_id_input^Optional

bind_secret_id_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

id_input^Optional

id_input: str

• Type: str

---

namespace_input^Optional

namespace_input: str

• Type: str

---

role_id_input^Optional

role_id_input: str

• Type: str

---

role_name_input^Optional

role_name_input: str

• Type: str

---

secret_id_bound_cidrs_input^Optional

secret_id_bound_cidrs_input: typing.List[str]

• Type: typing.List[str]

---

secret_id_num_uses_input^Optional

secret_id_num_uses_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

secret_id_ttl_input^Optional

secret_id_ttl_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_bound_cidrs_input^Optional

token_bound_cidrs_input: typing.List[str]

• Type: typing.List[str]

---

token_explicit_max_ttl_input^Optional

token_explicit_max_ttl_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_max_ttl_input^Optional

token_max_ttl_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_no_default_policy_input^Optional

token_no_default_policy_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

token_num_uses_input^Optional

token_num_uses_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_period_input^Optional

token_period_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_policies_input^Optional

token_policies_input: typing.List[str]

• Type: typing.List[str]

---

token_ttl_input^Optional

token_ttl_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_type_input^Optional

token_type_input: str

• Type: str

---

backend^Required

backend: str

• Type: str

---

bind_secret_id^Required

bind_secret_id: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

id^Required

id: str

• Type: str

---

namespace^Required

namespace: str

• Type: str

---

role_id^Required

role_id: str

• Type: str

---

role_name^Required

role_name: str

• Type: str

---

secret_id_bound_cidrs^Required

secret_id_bound_cidrs: typing.List[str]

• Type: typing.List[str]

---

secret_id_num_uses^Required

secret_id_num_uses: typing.Union[int, float]

• Type: typing.Union[int, float]

---

secret_id_ttl^Required

secret_id_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_bound_cidrs^Required

token_bound_cidrs: typing.List[str]

• Type: typing.List[str]

---

token_explicit_max_ttl^Required

token_explicit_max_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_max_ttl^Required

token_max_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_no_default_policy^Required

token_no_default_policy: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

token_num_uses^Required

token_num_uses: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_period^Required

token_period: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_policies^Required

token_policies: typing.List[str]

• Type: typing.List[str]

---

token_ttl^Required

token_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

---

token_type^Required

token_type: str

• Type: str

---

Constants

Name	Type	Description
tfResourceType	str	No description.

---

tfResourceType^Required

tfResourceType: str

• Type: str

---

Structs

ApproleAuthBackendRoleConfig

Initializer

from cdktf_cdktf_provider_vault import approle_auth_backend_role

approleAuthBackendRole.ApproleAuthBackendRoleConfig(
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  role_name: str,
  backend: str = None,
  bind_secret_id: typing.Union[bool, IResolvable] = None,
  id: str = None,
  namespace: str = None,
  role_id: str = None,
  secret_id_bound_cidrs: typing.List[str] = None,
  secret_id_num_uses: typing.Union[int, float] = None,
  secret_id_ttl: typing.Union[int, float] = None,
  token_bound_cidrs: typing.List[str] = None,
  token_explicit_max_ttl: typing.Union[int, float] = None,
  token_max_ttl: typing.Union[int, float] = None,
  token_no_default_policy: typing.Union[bool, IResolvable] = None,
  token_num_uses: typing.Union[int, float] = None,
  token_period: typing.Union[int, float] = None,
  token_policies: typing.List[str] = None,
  token_ttl: typing.Union[int, float] = None,
  token_type: str = None
)

Properties

Name	Type	Description
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[cdktf.ITerraformDependable]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
role_name	str	Name of the role.
backend	str	Unique name of the auth backend to configure.
bind_secret_id	typing.Union[bool, cdktf.IResolvable]	Whether or not to require secret_id to be present when logging in using this AppRole.
id	str	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#id ApproleAuthBackendRole#id}.
namespace	str	Target namespace. (requires Enterprise).
role_id	str	The RoleID of the role. Autogenerated if not set.
secret_id_bound_cidrs	typing.List[str]	List of CIDR blocks that can log in using the AppRole.
secret_id_num_uses	typing.Union[int, float]	Number of times which a particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire.
secret_id_ttl	typing.Union[int, float]	Number of seconds a SecretID remains valid for.
token_bound_cidrs	typing.List[str]	Specifies the blocks of IP addresses which are allowed to use the generated token.
token_explicit_max_ttl	typing.Union[int, float]	Generated Token's Explicit Maximum TTL in seconds.
token_max_ttl	typing.Union[int, float]	The maximum lifetime of the generated token.
token_no_default_policy	typing.Union[bool, cdktf.IResolvable]	If true, the 'default' policy will not automatically be added to generated tokens.
token_num_uses	typing.Union[int, float]	The maximum number of times a token may be used, a value of zero means unlimited.
token_period	typing.Union[int, float]	Generated Token's Period.
token_policies	typing.List[str]	Generated Token's Policies.
token_ttl	typing.Union[int, float]	The initial ttl of the token to generate in seconds.
token_type	str	The type of token to generate, service or batch.

---

connection^Optional

connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

count: typing.Union[typing.Union[int, float], TerraformCount]

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

depends_on: typing.List[ITerraformDependable]

• Type: typing.List[cdktf.ITerraformDependable]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktf.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

role_name^Required

role_name: str

• Type: str

Name of the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#role_name ApproleAuthBackendRole#role_name}

---

backend^Optional

backend: str

• Type: str

Unique name of the auth backend to configure.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#backend ApproleAuthBackendRole#backend}

---

bind_secret_id^Optional

bind_secret_id: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

Whether or not to require secret_id to be present when logging in using this AppRole.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#bind_secret_id ApproleAuthBackendRole#bind_secret_id}

---

id^Optional

id: str

• Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#id ApproleAuthBackendRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

namespace^Optional

namespace: str

• Type: str

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#namespace ApproleAuthBackendRole#namespace}

---

role_id^Optional

role_id: str

• Type: str

The RoleID of the role. Autogenerated if not set.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#role_id ApproleAuthBackendRole#role_id}

---

secret_id_bound_cidrs^Optional

secret_id_bound_cidrs: typing.List[str]

• Type: typing.List[str]

List of CIDR blocks that can log in using the AppRole.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#secret_id_bound_cidrs ApproleAuthBackendRole#secret_id_bound_cidrs}

---

secret_id_num_uses^Optional

secret_id_num_uses: typing.Union[int, float]

• Type: typing.Union[int, float]

Number of times which a particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire.

Leaving this unset or setting it to 0 will allow unlimited uses.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#secret_id_num_uses ApproleAuthBackendRole#secret_id_num_uses}

---

secret_id_ttl^Optional

secret_id_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

Number of seconds a SecretID remains valid for.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#secret_id_ttl ApproleAuthBackendRole#secret_id_ttl}

---

token_bound_cidrs^Optional

token_bound_cidrs: typing.List[str]

• Type: typing.List[str]

Specifies the blocks of IP addresses which are allowed to use the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_bound_cidrs ApproleAuthBackendRole#token_bound_cidrs}

---

token_explicit_max_ttl^Optional

token_explicit_max_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

Generated Token's Explicit Maximum TTL in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_explicit_max_ttl ApproleAuthBackendRole#token_explicit_max_ttl}

---

token_max_ttl^Optional

token_max_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

The maximum lifetime of the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_max_ttl ApproleAuthBackendRole#token_max_ttl}

---

token_no_default_policy^Optional

token_no_default_policy: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

If true, the 'default' policy will not automatically be added to generated tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_no_default_policy ApproleAuthBackendRole#token_no_default_policy}

---

token_num_uses^Optional

token_num_uses: typing.Union[int, float]

• Type: typing.Union[int, float]

The maximum number of times a token may be used, a value of zero means unlimited.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_num_uses ApproleAuthBackendRole#token_num_uses}

---

token_period^Optional

token_period: typing.Union[int, float]

• Type: typing.Union[int, float]

Generated Token's Period.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_period ApproleAuthBackendRole#token_period}

---

token_policies^Optional

token_policies: typing.List[str]

• Type: typing.List[str]

Generated Token's Policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_policies ApproleAuthBackendRole#token_policies}

---

token_ttl^Optional

token_ttl: typing.Union[int, float]

• Type: typing.Union[int, float]

The initial ttl of the token to generate in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_ttl ApproleAuthBackendRole#token_ttl}

---

token_type^Optional

token_type: str

• Type: str

The type of token to generate, service or batch.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/approle_auth_backend_role#token_type ApproleAuthBackendRole#token_type}

---