awsAuthBackendRole.java.md

awsAuthBackendRole Submodule

Constructs

AwsAuthBackendRole

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role}.

Initializers

import com.hashicorp.cdktf.providers.vault.aws_auth_backend_role.AwsAuthBackendRole;

AwsAuthBackendRole.Builder.create(Construct scope, java.lang.String id)
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .role(java.lang.String)
//  .allowInstanceMigration(java.lang.Boolean)
//  .allowInstanceMigration(IResolvable)
//  .authType(java.lang.String)
//  .backend(java.lang.String)
//  .boundAccountIds(java.util.List<java.lang.String>)
//  .boundAmiIds(java.util.List<java.lang.String>)
//  .boundEc2InstanceIds(java.util.List<java.lang.String>)
//  .boundIamInstanceProfileArns(java.util.List<java.lang.String>)
//  .boundIamPrincipalArns(java.util.List<java.lang.String>)
//  .boundIamRoleArns(java.util.List<java.lang.String>)
//  .boundRegions(java.util.List<java.lang.String>)
//  .boundSubnetIds(java.util.List<java.lang.String>)
//  .boundVpcIds(java.util.List<java.lang.String>)
//  .disallowReauthentication(java.lang.Boolean)
//  .disallowReauthentication(IResolvable)
//  .id(java.lang.String)
//  .inferredAwsRegion(java.lang.String)
//  .inferredEntityType(java.lang.String)
//  .namespace(java.lang.String)
//  .resolveAwsUniqueIds(java.lang.Boolean)
//  .resolveAwsUniqueIds(IResolvable)
//  .roleTag(java.lang.String)
//  .tokenBoundCidrs(java.util.List<java.lang.String>)
//  .tokenExplicitMaxTtl(java.lang.Number)
//  .tokenMaxTtl(java.lang.Number)
//  .tokenNoDefaultPolicy(java.lang.Boolean)
//  .tokenNoDefaultPolicy(IResolvable)
//  .tokenNumUses(java.lang.Number)
//  .tokenPeriod(java.lang.Number)
//  .tokenPolicies(java.util.List<java.lang.String>)
//  .tokenTtl(java.lang.Number)
//  .tokenType(java.lang.String)
    .build();

Name	Type	Description
scope	software.constructs.Construct	The scope in which to define this construct.
id	java.lang.String	The scoped construct ID.
connection	com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection	No description.
count	java.lang.Number OR com.hashicorp.cdktf.TerraformCount	No description.
dependsOn	java.util.List<com.hashicorp.cdktf.ITerraformDependable>	No description.
forEach	com.hashicorp.cdktf.ITerraformIterator	No description.
lifecycle	com.hashicorp.cdktf.TerraformResourceLifecycle	No description.
provider	com.hashicorp.cdktf.TerraformProvider	No description.
provisioners	java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>	No description.
role	java.lang.String	Name of the role.
allowInstanceMigration	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	When true, allows migration of the underlying instance where the client resides. Use with caution.
authType	java.lang.String	The auth type permitted for this role.
backend	java.lang.String	Unique name of the auth backend to configure.
boundAccountIds	java.util.List<java.lang.String>	Only EC2 instances with this account ID in their identity document will be permitted to log in.
boundAmiIds	java.util.List<java.lang.String>	Only EC2 instances using this AMI ID will be permitted to log in.
boundEc2InstanceIds	java.util.List<java.lang.String>	Only EC2 instances that match this instance ID will be permitted to log in.
boundIamInstanceProfileArns	java.util.List<java.lang.String>	Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.
boundIamPrincipalArns	java.util.List<java.lang.String>	The IAM principal that must be authenticated using the iam auth method.
boundIamRoleArns	java.util.List<java.lang.String>	Only EC2 instances that match this IAM role ARN will be permitted to log in.
boundRegions	java.util.List<java.lang.String>	Only EC2 instances in this region will be permitted to log in.
boundSubnetIds	java.util.List<java.lang.String>	Only EC2 instances associated with this subnet ID will be permitted to log in.
boundVpcIds	java.util.List<java.lang.String>	Only EC2 instances associated with this VPC ID will be permitted to log in.
disallowReauthentication	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	When true, only allows a single token to be granted per instance ID.
id	java.lang.String	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.
inferredAwsRegion	java.lang.String	The region to search for the inferred entities in.
inferredEntityType	java.lang.String	The type of inferencing Vault should do.
namespace	java.lang.String	Target namespace. (requires Enterprise).
resolveAwsUniqueIds	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.
roleTag	java.lang.String	The key of the tag on EC2 instance to use for role tags.
tokenBoundCidrs	java.util.List<java.lang.String>	Specifies the blocks of IP addresses which are allowed to use the generated token.
tokenExplicitMaxTtl	java.lang.Number	Generated Token's Explicit Maximum TTL in seconds.
tokenMaxTtl	java.lang.Number	The maximum lifetime of the generated token.
tokenNoDefaultPolicy	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	If true, the 'default' policy will not automatically be added to generated tokens.
tokenNumUses	java.lang.Number	The maximum number of times a token may be used, a value of zero means unlimited.
tokenPeriod	java.lang.Number	Generated Token's Period.
tokenPolicies	java.util.List<java.lang.String>	Generated Token's Policies.
tokenTtl	java.lang.Number	The initial ttl of the token to generate in seconds.
tokenType	java.lang.String	The type of token to generate, service or batch.

---

scope^Required

• Type: software.constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: java.lang.String

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

connection^Optional

• Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

---

count^Optional

• Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

---

dependsOn^Optional

• Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

---

forEach^Optional

• Type: com.hashicorp.cdktf.ITerraformIterator

---

lifecycle^Optional

• Type: com.hashicorp.cdktf.TerraformResourceLifecycle

---

provider^Optional

• Type: com.hashicorp.cdktf.TerraformProvider

---

provisioners^Optional

• Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

---

role^Required

• Type: java.lang.String

Name of the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role AwsAuthBackendRole#role}

---

allowInstanceMigration^Optional

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

When true, allows migration of the underlying instance where the client resides. Use with caution.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#allow_instance_migration AwsAuthBackendRole#allow_instance_migration}

---

authType^Optional

• Type: java.lang.String

The auth type permitted for this role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#auth_type AwsAuthBackendRole#auth_type}

---

backend^Optional

• Type: java.lang.String

Unique name of the auth backend to configure.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#backend AwsAuthBackendRole#backend}

---

boundAccountIds^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances with this account ID in their identity document will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_account_ids AwsAuthBackendRole#bound_account_ids}

---

boundAmiIds^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances using this AMI ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ami_ids AwsAuthBackendRole#bound_ami_ids}

---

boundEc2InstanceIds^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances that match this instance ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ec2_instance_ids AwsAuthBackendRole#bound_ec2_instance_ids}

---

boundIamInstanceProfileArns^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_instance_profile_arns AwsAuthBackendRole#bound_iam_instance_profile_arns}

---

boundIamPrincipalArns^Optional

• Type: java.util.List<java.lang.String>

The IAM principal that must be authenticated using the iam auth method.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_principal_arns AwsAuthBackendRole#bound_iam_principal_arns}

---

boundIamRoleArns^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances that match this IAM role ARN will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_role_arns AwsAuthBackendRole#bound_iam_role_arns}

---

boundRegions^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances in this region will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_regions AwsAuthBackendRole#bound_regions}

---

boundSubnetIds^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances associated with this subnet ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_subnet_ids AwsAuthBackendRole#bound_subnet_ids}

---

boundVpcIds^Optional

• Type: java.util.List<java.lang.String>

Only EC2 instances associated with this VPC ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_vpc_ids AwsAuthBackendRole#bound_vpc_ids}

---

disallowReauthentication^Optional

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

When true, only allows a single token to be granted per instance ID.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#disallow_reauthentication AwsAuthBackendRole#disallow_reauthentication}

---

id^Optional

• Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

inferredAwsRegion^Optional

• Type: java.lang.String

The region to search for the inferred entities in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_aws_region AwsAuthBackendRole#inferred_aws_region}

---

inferredEntityType^Optional

• Type: java.lang.String

The type of inferencing Vault should do.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_entity_type AwsAuthBackendRole#inferred_entity_type}

---

namespace^Optional

• Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#namespace AwsAuthBackendRole#namespace}

---

resolveAwsUniqueIds^Optional

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.

When true, deleting a principal and recreating it with the same name won't automatically grant the new principal the same roles in Vault that the old principal had.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#resolve_aws_unique_ids AwsAuthBackendRole#resolve_aws_unique_ids}

---

roleTag^Optional

• Type: java.lang.String

The key of the tag on EC2 instance to use for role tags.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role_tag AwsAuthBackendRole#role_tag}

---

tokenBoundCidrs^Optional

• Type: java.util.List<java.lang.String>

Specifies the blocks of IP addresses which are allowed to use the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_bound_cidrs AwsAuthBackendRole#token_bound_cidrs}

---

tokenExplicitMaxTtl^Optional

• Type: java.lang.Number

Generated Token's Explicit Maximum TTL in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_explicit_max_ttl AwsAuthBackendRole#token_explicit_max_ttl}

---

tokenMaxTtl^Optional

• Type: java.lang.Number

The maximum lifetime of the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_max_ttl AwsAuthBackendRole#token_max_ttl}

---

tokenNoDefaultPolicy^Optional

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, the 'default' policy will not automatically be added to generated tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_no_default_policy AwsAuthBackendRole#token_no_default_policy}

---

tokenNumUses^Optional

• Type: java.lang.Number

The maximum number of times a token may be used, a value of zero means unlimited.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_num_uses AwsAuthBackendRole#token_num_uses}

---

tokenPeriod^Optional

• Type: java.lang.Number

Generated Token's Period.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_period AwsAuthBackendRole#token_period}

---

tokenPolicies^Optional

• Type: java.util.List<java.lang.String>

Generated Token's Policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_policies AwsAuthBackendRole#token_policies}

---

tokenTtl^Optional

• Type: java.lang.Number

The initial ttl of the token to generate in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_ttl AwsAuthBackendRole#token_ttl}

---

tokenType^Optional

• Type: java.lang.String

The type of token to generate, service or batch.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_type AwsAuthBackendRole#token_type}

---

Methods

Name	Description
toString	Returns a string representation of this construct.
addOverride	No description.
overrideLogicalId	Overrides the auto-generated logical ID with a specific ID.
resetOverrideLogicalId	Resets a previously passed logical Id to use the auto-generated logical id again.
toHclTerraform	No description.
toMetadata	No description.
toTerraform	Adds this resource to the terraform JSON output.
addMoveTarget	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
getAnyMapAttribute	No description.
getBooleanAttribute	No description.
getBooleanMapAttribute	No description.
getListAttribute	No description.
getNumberAttribute	No description.
getNumberListAttribute	No description.
getNumberMapAttribute	No description.
getStringAttribute	No description.
getStringMapAttribute	No description.
hasResourceMove	No description.
importFrom	No description.
interpolationForAttribute	No description.
moveFromId	Move the resource corresponding to "id" to this resource.
moveTo	Moves this resource to the target resource given by moveTarget.
moveToId	Moves this resource to the resource corresponding to "id".
resetAllowInstanceMigration	No description.
resetAuthType	No description.
resetBackend	No description.
resetBoundAccountIds	No description.
resetBoundAmiIds	No description.
resetBoundEc2InstanceIds	No description.
resetBoundIamInstanceProfileArns	No description.
resetBoundIamPrincipalArns	No description.
resetBoundIamRoleArns	No description.
resetBoundRegions	No description.
resetBoundSubnetIds	No description.
resetBoundVpcIds	No description.
resetDisallowReauthentication	No description.
resetId	No description.
resetInferredAwsRegion	No description.
resetInferredEntityType	No description.
resetNamespace	No description.
resetResolveAwsUniqueIds	No description.
resetRoleTag	No description.
resetTokenBoundCidrs	No description.
resetTokenExplicitMaxTtl	No description.
resetTokenMaxTtl	No description.
resetTokenNoDefaultPolicy	No description.
resetTokenNumUses	No description.
resetTokenPeriod	No description.
resetTokenPolicies	No description.
resetTokenTtl	No description.
resetTokenType	No description.

---

toString

public java.lang.String toString()

Returns a string representation of this construct.

addOverride

public void addOverride(java.lang.String path, java.lang.Object value)

path^Required

• Type: java.lang.String

---

value^Required

• Type: java.lang.Object

---

overrideLogicalId

public void overrideLogicalId(java.lang.String newLogicalId)

Overrides the auto-generated logical ID with a specific ID.

newLogicalId^Required

• Type: java.lang.String

The new logical ID to use for this stack element.

---

resetOverrideLogicalId

public void resetOverrideLogicalId()

Resets a previously passed logical Id to use the auto-generated logical id again.

toHclTerraform

public java.lang.Object toHclTerraform()

toMetadata

public java.lang.Object toMetadata()

toTerraform

public java.lang.Object toTerraform()

Adds this resource to the terraform JSON output.

addMoveTarget

public void addMoveTarget(java.lang.String moveTarget)

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

moveTarget^Required

• Type: java.lang.String

The string move target that will correspond to this resource.

---

getAnyMapAttribute

public java.util.Map<java.lang.String, java.lang.Object> getAnyMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getBooleanAttribute

public IResolvable getBooleanAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getBooleanMapAttribute

public java.util.Map<java.lang.String, java.lang.Boolean> getBooleanMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getListAttribute

public java.util.List<java.lang.String> getListAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getNumberAttribute

public java.lang.Number getNumberAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getNumberListAttribute

public java.util.List<java.lang.Number> getNumberListAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getNumberMapAttribute

public java.util.Map<java.lang.String, java.lang.Number> getNumberMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getStringAttribute

public java.lang.String getStringAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

getStringMapAttribute

public java.util.Map<java.lang.String, java.lang.String> getStringMapAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

hasResourceMove

public TerraformResourceMoveByTarget OR TerraformResourceMoveById hasResourceMove()

importFrom

public void importFrom(java.lang.String id)
public void importFrom(java.lang.String id, TerraformProvider provider)

id^Required

• Type: java.lang.String

---

provider^Optional

• Type: com.hashicorp.cdktf.TerraformProvider

---

interpolationForAttribute

public IResolvable interpolationForAttribute(java.lang.String terraformAttribute)

terraformAttribute^Required

• Type: java.lang.String

---

moveFromId

public void moveFromId(java.lang.String id)

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

id^Required

• Type: java.lang.String

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

---

moveTo

public void moveTo(java.lang.String moveTarget)
public void moveTo(java.lang.String moveTarget, java.lang.String OR java.lang.Number index)

Moves this resource to the target resource given by moveTarget.

moveTarget^Required

• Type: java.lang.String

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

---

index^Optional

• Type: java.lang.String OR java.lang.Number

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

---

moveToId

public void moveToId(java.lang.String id)

Moves this resource to the resource corresponding to "id".

id^Required

• Type: java.lang.String

Full id of resource to move to, e.g. "aws_s3_bucket.example".

---

resetAllowInstanceMigration

public void resetAllowInstanceMigration()

resetAuthType

public void resetAuthType()

resetBackend

public void resetBackend()

resetBoundAccountIds

public void resetBoundAccountIds()

resetBoundAmiIds

public void resetBoundAmiIds()

resetBoundEc2InstanceIds

public void resetBoundEc2InstanceIds()

resetBoundIamInstanceProfileArns

public void resetBoundIamInstanceProfileArns()

resetBoundIamPrincipalArns

public void resetBoundIamPrincipalArns()

resetBoundIamRoleArns

public void resetBoundIamRoleArns()

resetBoundRegions

public void resetBoundRegions()

resetBoundSubnetIds

public void resetBoundSubnetIds()

resetBoundVpcIds

public void resetBoundVpcIds()

resetDisallowReauthentication

public void resetDisallowReauthentication()

resetId

public void resetId()

resetInferredAwsRegion

public void resetInferredAwsRegion()

resetInferredEntityType

public void resetInferredEntityType()

resetNamespace

public void resetNamespace()

resetResolveAwsUniqueIds

public void resetResolveAwsUniqueIds()

resetRoleTag

public void resetRoleTag()

resetTokenBoundCidrs

public void resetTokenBoundCidrs()

resetTokenExplicitMaxTtl

public void resetTokenExplicitMaxTtl()

resetTokenMaxTtl

public void resetTokenMaxTtl()

resetTokenNoDefaultPolicy

public void resetTokenNoDefaultPolicy()

resetTokenNumUses

public void resetTokenNumUses()

resetTokenPeriod

public void resetTokenPeriod()

resetTokenPolicies

public void resetTokenPolicies()

resetTokenTtl

public void resetTokenTtl()

resetTokenType

public void resetTokenType()

Static Functions

Name	Description
isConstruct	Checks if x is a construct.
isTerraformElement	No description.
isTerraformResource	No description.
generateConfigForImport	Generates CDKTF code for importing a AwsAuthBackendRole resource upon running "cdktf plan ".

---

isConstruct

import com.hashicorp.cdktf.providers.vault.aws_auth_backend_role.AwsAuthBackendRole;

AwsAuthBackendRole.isConstruct(java.lang.Object x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: java.lang.Object

Any object.

---

isTerraformElement

import com.hashicorp.cdktf.providers.vault.aws_auth_backend_role.AwsAuthBackendRole;

AwsAuthBackendRole.isTerraformElement(java.lang.Object x)

x^Required

• Type: java.lang.Object

---

isTerraformResource

import com.hashicorp.cdktf.providers.vault.aws_auth_backend_role.AwsAuthBackendRole;

AwsAuthBackendRole.isTerraformResource(java.lang.Object x)

x^Required

• Type: java.lang.Object

---

generateConfigForImport

import com.hashicorp.cdktf.providers.vault.aws_auth_backend_role.AwsAuthBackendRole;

AwsAuthBackendRole.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId),AwsAuthBackendRole.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId, TerraformProvider provider)

Generates CDKTF code for importing a AwsAuthBackendRole resource upon running "cdktf plan ".

scope^Required

• Type: software.constructs.Construct

The scope in which to define this construct.

---

importToId^Required

• Type: java.lang.String

The construct id used in the generated config for the AwsAuthBackendRole to import.

---

importFromId^Required

• Type: java.lang.String

The id of the existing AwsAuthBackendRole that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: com.hashicorp.cdktf.TerraformProvider

? Optional instance of the provider where the AwsAuthBackendRole to import is found.

---

Properties

Name	Type	Description
node	software.constructs.Node	The tree node.
cdktfStack	com.hashicorp.cdktf.TerraformStack	No description.
fqn	java.lang.String	No description.
friendlyUniqueId	java.lang.String	No description.
terraformMetaArguments	java.util.Map<java.lang.String, java.lang.Object>	No description.
terraformResourceType	java.lang.String	No description.
terraformGeneratorMetadata	com.hashicorp.cdktf.TerraformProviderGeneratorMetadata	No description.
connection	com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection	No description.
count	java.lang.Number OR com.hashicorp.cdktf.TerraformCount	No description.
dependsOn	java.util.List<java.lang.String>	No description.
forEach	com.hashicorp.cdktf.ITerraformIterator	No description.
lifecycle	com.hashicorp.cdktf.TerraformResourceLifecycle	No description.
provider	com.hashicorp.cdktf.TerraformProvider	No description.
provisioners	java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>	No description.
roleId	java.lang.String	No description.
allowInstanceMigrationInput	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
authTypeInput	java.lang.String	No description.
backendInput	java.lang.String	No description.
boundAccountIdsInput	java.util.List<java.lang.String>	No description.
boundAmiIdsInput	java.util.List<java.lang.String>	No description.
boundEc2InstanceIdsInput	java.util.List<java.lang.String>	No description.
boundIamInstanceProfileArnsInput	java.util.List<java.lang.String>	No description.
boundIamPrincipalArnsInput	java.util.List<java.lang.String>	No description.
boundIamRoleArnsInput	java.util.List<java.lang.String>	No description.
boundRegionsInput	java.util.List<java.lang.String>	No description.
boundSubnetIdsInput	java.util.List<java.lang.String>	No description.
boundVpcIdsInput	java.util.List<java.lang.String>	No description.
disallowReauthenticationInput	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
idInput	java.lang.String	No description.
inferredAwsRegionInput	java.lang.String	No description.
inferredEntityTypeInput	java.lang.String	No description.
namespaceInput	java.lang.String	No description.
resolveAwsUniqueIdsInput	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
roleInput	java.lang.String	No description.
roleTagInput	java.lang.String	No description.
tokenBoundCidrsInput	java.util.List<java.lang.String>	No description.
tokenExplicitMaxTtlInput	java.lang.Number	No description.
tokenMaxTtlInput	java.lang.Number	No description.
tokenNoDefaultPolicyInput	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
tokenNumUsesInput	java.lang.Number	No description.
tokenPeriodInput	java.lang.Number	No description.
tokenPoliciesInput	java.util.List<java.lang.String>	No description.
tokenTtlInput	java.lang.Number	No description.
tokenTypeInput	java.lang.String	No description.
allowInstanceMigration	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
authType	java.lang.String	No description.
backend	java.lang.String	No description.
boundAccountIds	java.util.List<java.lang.String>	No description.
boundAmiIds	java.util.List<java.lang.String>	No description.
boundEc2InstanceIds	java.util.List<java.lang.String>	No description.
boundIamInstanceProfileArns	java.util.List<java.lang.String>	No description.
boundIamPrincipalArns	java.util.List<java.lang.String>	No description.
boundIamRoleArns	java.util.List<java.lang.String>	No description.
boundRegions	java.util.List<java.lang.String>	No description.
boundSubnetIds	java.util.List<java.lang.String>	No description.
boundVpcIds	java.util.List<java.lang.String>	No description.
disallowReauthentication	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
id	java.lang.String	No description.
inferredAwsRegion	java.lang.String	No description.
inferredEntityType	java.lang.String	No description.
namespace	java.lang.String	No description.
resolveAwsUniqueIds	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
role	java.lang.String	No description.
roleTag	java.lang.String	No description.
tokenBoundCidrs	java.util.List<java.lang.String>	No description.
tokenExplicitMaxTtl	java.lang.Number	No description.
tokenMaxTtl	java.lang.Number	No description.
tokenNoDefaultPolicy	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	No description.
tokenNumUses	java.lang.Number	No description.
tokenPeriod	java.lang.Number	No description.
tokenPolicies	java.util.List<java.lang.String>	No description.
tokenTtl	java.lang.Number	No description.
tokenType	java.lang.String	No description.

---

node^Required

public Node getNode();

• Type: software.constructs.Node

The tree node.

---

cdktfStack^Required

public TerraformStack getCdktfStack();

• Type: com.hashicorp.cdktf.TerraformStack

---

fqn^Required

public java.lang.String getFqn();

• Type: java.lang.String

---

friendlyUniqueId^Required

public java.lang.String getFriendlyUniqueId();

• Type: java.lang.String

---

terraformMetaArguments^Required

public java.util.Map<java.lang.String, java.lang.Object> getTerraformMetaArguments();

• Type: java.util.Map<java.lang.String, java.lang.Object>

---

terraformResourceType^Required

public java.lang.String getTerraformResourceType();

• Type: java.lang.String

---

terraformGeneratorMetadata^Optional

public TerraformProviderGeneratorMetadata getTerraformGeneratorMetadata();

• Type: com.hashicorp.cdktf.TerraformProviderGeneratorMetadata

---

connection^Optional

public java.lang.Object getConnection();

• Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

---

count^Optional

public java.lang.Object getCount();

• Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

---

dependsOn^Optional

public java.util.List<java.lang.String> getDependsOn();

• Type: java.util.List<java.lang.String>

---

forEach^Optional

public ITerraformIterator getForEach();

• Type: com.hashicorp.cdktf.ITerraformIterator

---

lifecycle^Optional

public TerraformResourceLifecycle getLifecycle();

• Type: com.hashicorp.cdktf.TerraformResourceLifecycle

---

provider^Optional

public TerraformProvider getProvider();

• Type: com.hashicorp.cdktf.TerraformProvider

---

provisioners^Optional

public java.lang.Object getProvisioners();

• Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

---

roleId^Required

public java.lang.String getRoleId();

• Type: java.lang.String

---

allowInstanceMigrationInput^Optional

public java.lang.Object getAllowInstanceMigrationInput();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

authTypeInput^Optional

public java.lang.String getAuthTypeInput();

• Type: java.lang.String

---

backendInput^Optional

public java.lang.String getBackendInput();

• Type: java.lang.String

---

boundAccountIdsInput^Optional

public java.util.List<java.lang.String> getBoundAccountIdsInput();

• Type: java.util.List<java.lang.String>

---

boundAmiIdsInput^Optional

public java.util.List<java.lang.String> getBoundAmiIdsInput();

• Type: java.util.List<java.lang.String>

---

boundEc2InstanceIdsInput^Optional

public java.util.List<java.lang.String> getBoundEc2InstanceIdsInput();

• Type: java.util.List<java.lang.String>

---

boundIamInstanceProfileArnsInput^Optional

public java.util.List<java.lang.String> getBoundIamInstanceProfileArnsInput();

• Type: java.util.List<java.lang.String>

---

boundIamPrincipalArnsInput^Optional

public java.util.List<java.lang.String> getBoundIamPrincipalArnsInput();

• Type: java.util.List<java.lang.String>

---

boundIamRoleArnsInput^Optional

public java.util.List<java.lang.String> getBoundIamRoleArnsInput();

• Type: java.util.List<java.lang.String>

---

boundRegionsInput^Optional

public java.util.List<java.lang.String> getBoundRegionsInput();

• Type: java.util.List<java.lang.String>

---

boundSubnetIdsInput^Optional

public java.util.List<java.lang.String> getBoundSubnetIdsInput();

• Type: java.util.List<java.lang.String>

---

boundVpcIdsInput^Optional

public java.util.List<java.lang.String> getBoundVpcIdsInput();

• Type: java.util.List<java.lang.String>

---

disallowReauthenticationInput^Optional

public java.lang.Object getDisallowReauthenticationInput();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

idInput^Optional

public java.lang.String getIdInput();

• Type: java.lang.String

---

inferredAwsRegionInput^Optional

public java.lang.String getInferredAwsRegionInput();

• Type: java.lang.String

---

inferredEntityTypeInput^Optional

public java.lang.String getInferredEntityTypeInput();

• Type: java.lang.String

---

namespaceInput^Optional

public java.lang.String getNamespaceInput();

• Type: java.lang.String

---

resolveAwsUniqueIdsInput^Optional

public java.lang.Object getResolveAwsUniqueIdsInput();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

roleInput^Optional

public java.lang.String getRoleInput();

• Type: java.lang.String

---

roleTagInput^Optional

public java.lang.String getRoleTagInput();

• Type: java.lang.String

---

tokenBoundCidrsInput^Optional

public java.util.List<java.lang.String> getTokenBoundCidrsInput();

• Type: java.util.List<java.lang.String>

---

tokenExplicitMaxTtlInput^Optional

public java.lang.Number getTokenExplicitMaxTtlInput();

• Type: java.lang.Number

---

tokenMaxTtlInput^Optional

public java.lang.Number getTokenMaxTtlInput();

• Type: java.lang.Number

---

tokenNoDefaultPolicyInput^Optional

public java.lang.Object getTokenNoDefaultPolicyInput();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

tokenNumUsesInput^Optional

public java.lang.Number getTokenNumUsesInput();

• Type: java.lang.Number

---

tokenPeriodInput^Optional

public java.lang.Number getTokenPeriodInput();

• Type: java.lang.Number

---

tokenPoliciesInput^Optional

public java.util.List<java.lang.String> getTokenPoliciesInput();

• Type: java.util.List<java.lang.String>

---

tokenTtlInput^Optional

public java.lang.Number getTokenTtlInput();

• Type: java.lang.Number

---

tokenTypeInput^Optional

public java.lang.String getTokenTypeInput();

• Type: java.lang.String

---

allowInstanceMigration^Required

public java.lang.Object getAllowInstanceMigration();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

authType^Required

public java.lang.String getAuthType();

• Type: java.lang.String

---

backend^Required

public java.lang.String getBackend();

• Type: java.lang.String

---

boundAccountIds^Required

public java.util.List<java.lang.String> getBoundAccountIds();

• Type: java.util.List<java.lang.String>

---

boundAmiIds^Required

public java.util.List<java.lang.String> getBoundAmiIds();

• Type: java.util.List<java.lang.String>

---

boundEc2InstanceIds^Required

public java.util.List<java.lang.String> getBoundEc2InstanceIds();

• Type: java.util.List<java.lang.String>

---

boundIamInstanceProfileArns^Required

public java.util.List<java.lang.String> getBoundIamInstanceProfileArns();

• Type: java.util.List<java.lang.String>

---

boundIamPrincipalArns^Required

public java.util.List<java.lang.String> getBoundIamPrincipalArns();

• Type: java.util.List<java.lang.String>

---

boundIamRoleArns^Required

public java.util.List<java.lang.String> getBoundIamRoleArns();

• Type: java.util.List<java.lang.String>

---

boundRegions^Required

public java.util.List<java.lang.String> getBoundRegions();

• Type: java.util.List<java.lang.String>

---

boundSubnetIds^Required

public java.util.List<java.lang.String> getBoundSubnetIds();

• Type: java.util.List<java.lang.String>

---

boundVpcIds^Required

public java.util.List<java.lang.String> getBoundVpcIds();

• Type: java.util.List<java.lang.String>

---

disallowReauthentication^Required

public java.lang.Object getDisallowReauthentication();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

id^Required

public java.lang.String getId();

• Type: java.lang.String

---

inferredAwsRegion^Required

public java.lang.String getInferredAwsRegion();

• Type: java.lang.String

---

inferredEntityType^Required

public java.lang.String getInferredEntityType();

• Type: java.lang.String

---

namespace^Required

public java.lang.String getNamespace();

• Type: java.lang.String

---

resolveAwsUniqueIds^Required

public java.lang.Object getResolveAwsUniqueIds();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

role^Required

public java.lang.String getRole();

• Type: java.lang.String

---

roleTag^Required

public java.lang.String getRoleTag();

• Type: java.lang.String

---

tokenBoundCidrs^Required

public java.util.List<java.lang.String> getTokenBoundCidrs();

• Type: java.util.List<java.lang.String>

---

tokenExplicitMaxTtl^Required

public java.lang.Number getTokenExplicitMaxTtl();

• Type: java.lang.Number

---

tokenMaxTtl^Required

public java.lang.Number getTokenMaxTtl();

• Type: java.lang.Number

---

tokenNoDefaultPolicy^Required

public java.lang.Object getTokenNoDefaultPolicy();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

---

tokenNumUses^Required

public java.lang.Number getTokenNumUses();

• Type: java.lang.Number

---

tokenPeriod^Required

public java.lang.Number getTokenPeriod();

• Type: java.lang.Number

---

tokenPolicies^Required

public java.util.List<java.lang.String> getTokenPolicies();

• Type: java.util.List<java.lang.String>

---

tokenTtl^Required

public java.lang.Number getTokenTtl();

• Type: java.lang.Number

---

tokenType^Required

public java.lang.String getTokenType();

• Type: java.lang.String

---

Constants

Name	Type	Description
tfResourceType	java.lang.String	No description.

---

tfResourceType^Required

public java.lang.String getTfResourceType();

• Type: java.lang.String

---

Structs

AwsAuthBackendRoleConfig

Initializer

import com.hashicorp.cdktf.providers.vault.aws_auth_backend_role.AwsAuthBackendRoleConfig;

AwsAuthBackendRoleConfig.builder()
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .role(java.lang.String)
//  .allowInstanceMigration(java.lang.Boolean)
//  .allowInstanceMigration(IResolvable)
//  .authType(java.lang.String)
//  .backend(java.lang.String)
//  .boundAccountIds(java.util.List<java.lang.String>)
//  .boundAmiIds(java.util.List<java.lang.String>)
//  .boundEc2InstanceIds(java.util.List<java.lang.String>)
//  .boundIamInstanceProfileArns(java.util.List<java.lang.String>)
//  .boundIamPrincipalArns(java.util.List<java.lang.String>)
//  .boundIamRoleArns(java.util.List<java.lang.String>)
//  .boundRegions(java.util.List<java.lang.String>)
//  .boundSubnetIds(java.util.List<java.lang.String>)
//  .boundVpcIds(java.util.List<java.lang.String>)
//  .disallowReauthentication(java.lang.Boolean)
//  .disallowReauthentication(IResolvable)
//  .id(java.lang.String)
//  .inferredAwsRegion(java.lang.String)
//  .inferredEntityType(java.lang.String)
//  .namespace(java.lang.String)
//  .resolveAwsUniqueIds(java.lang.Boolean)
//  .resolveAwsUniqueIds(IResolvable)
//  .roleTag(java.lang.String)
//  .tokenBoundCidrs(java.util.List<java.lang.String>)
//  .tokenExplicitMaxTtl(java.lang.Number)
//  .tokenMaxTtl(java.lang.Number)
//  .tokenNoDefaultPolicy(java.lang.Boolean)
//  .tokenNoDefaultPolicy(IResolvable)
//  .tokenNumUses(java.lang.Number)
//  .tokenPeriod(java.lang.Number)
//  .tokenPolicies(java.util.List<java.lang.String>)
//  .tokenTtl(java.lang.Number)
//  .tokenType(java.lang.String)
    .build();

Properties

Name	Type	Description
connection	com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection	No description.
count	java.lang.Number OR com.hashicorp.cdktf.TerraformCount	No description.
dependsOn	java.util.List<com.hashicorp.cdktf.ITerraformDependable>	No description.
forEach	com.hashicorp.cdktf.ITerraformIterator	No description.
lifecycle	com.hashicorp.cdktf.TerraformResourceLifecycle	No description.
provider	com.hashicorp.cdktf.TerraformProvider	No description.
provisioners	java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>	No description.
role	java.lang.String	Name of the role.
allowInstanceMigration	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	When true, allows migration of the underlying instance where the client resides. Use with caution.
authType	java.lang.String	The auth type permitted for this role.
backend	java.lang.String	Unique name of the auth backend to configure.
boundAccountIds	java.util.List<java.lang.String>	Only EC2 instances with this account ID in their identity document will be permitted to log in.
boundAmiIds	java.util.List<java.lang.String>	Only EC2 instances using this AMI ID will be permitted to log in.
boundEc2InstanceIds	java.util.List<java.lang.String>	Only EC2 instances that match this instance ID will be permitted to log in.
boundIamInstanceProfileArns	java.util.List<java.lang.String>	Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.
boundIamPrincipalArns	java.util.List<java.lang.String>	The IAM principal that must be authenticated using the iam auth method.
boundIamRoleArns	java.util.List<java.lang.String>	Only EC2 instances that match this IAM role ARN will be permitted to log in.
boundRegions	java.util.List<java.lang.String>	Only EC2 instances in this region will be permitted to log in.
boundSubnetIds	java.util.List<java.lang.String>	Only EC2 instances associated with this subnet ID will be permitted to log in.
boundVpcIds	java.util.List<java.lang.String>	Only EC2 instances associated with this VPC ID will be permitted to log in.
disallowReauthentication	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	When true, only allows a single token to be granted per instance ID.
id	java.lang.String	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.
inferredAwsRegion	java.lang.String	The region to search for the inferred entities in.
inferredEntityType	java.lang.String	The type of inferencing Vault should do.
namespace	java.lang.String	Target namespace. (requires Enterprise).
resolveAwsUniqueIds	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.
roleTag	java.lang.String	The key of the tag on EC2 instance to use for role tags.
tokenBoundCidrs	java.util.List<java.lang.String>	Specifies the blocks of IP addresses which are allowed to use the generated token.
tokenExplicitMaxTtl	java.lang.Number	Generated Token's Explicit Maximum TTL in seconds.
tokenMaxTtl	java.lang.Number	The maximum lifetime of the generated token.
tokenNoDefaultPolicy	java.lang.Boolean OR com.hashicorp.cdktf.IResolvable	If true, the 'default' policy will not automatically be added to generated tokens.
tokenNumUses	java.lang.Number	The maximum number of times a token may be used, a value of zero means unlimited.
tokenPeriod	java.lang.Number	Generated Token's Period.
tokenPolicies	java.util.List<java.lang.String>	Generated Token's Policies.
tokenTtl	java.lang.Number	The initial ttl of the token to generate in seconds.
tokenType	java.lang.String	The type of token to generate, service or batch.

---

connection^Optional

public java.lang.Object getConnection();

• Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

---

count^Optional

public java.lang.Object getCount();

• Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

---

dependsOn^Optional

public java.util.List<ITerraformDependable> getDependsOn();

• Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

---

forEach^Optional

public ITerraformIterator getForEach();

• Type: com.hashicorp.cdktf.ITerraformIterator

---

lifecycle^Optional

public TerraformResourceLifecycle getLifecycle();

• Type: com.hashicorp.cdktf.TerraformResourceLifecycle

---

provider^Optional

public TerraformProvider getProvider();

• Type: com.hashicorp.cdktf.TerraformProvider

---

provisioners^Optional

public java.lang.Object getProvisioners();

• Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

---

role^Required

public java.lang.String getRole();

• Type: java.lang.String

Name of the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role AwsAuthBackendRole#role}

---

allowInstanceMigration^Optional

public java.lang.Object getAllowInstanceMigration();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

When true, allows migration of the underlying instance where the client resides. Use with caution.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#allow_instance_migration AwsAuthBackendRole#allow_instance_migration}

---

authType^Optional

public java.lang.String getAuthType();

• Type: java.lang.String

The auth type permitted for this role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#auth_type AwsAuthBackendRole#auth_type}

---

backend^Optional

public java.lang.String getBackend();

• Type: java.lang.String

Unique name of the auth backend to configure.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#backend AwsAuthBackendRole#backend}

---

boundAccountIds^Optional

public java.util.List<java.lang.String> getBoundAccountIds();

• Type: java.util.List<java.lang.String>

Only EC2 instances with this account ID in their identity document will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_account_ids AwsAuthBackendRole#bound_account_ids}

---

boundAmiIds^Optional

public java.util.List<java.lang.String> getBoundAmiIds();

• Type: java.util.List<java.lang.String>

Only EC2 instances using this AMI ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ami_ids AwsAuthBackendRole#bound_ami_ids}

---

boundEc2InstanceIds^Optional

public java.util.List<java.lang.String> getBoundEc2InstanceIds();

• Type: java.util.List<java.lang.String>

Only EC2 instances that match this instance ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ec2_instance_ids AwsAuthBackendRole#bound_ec2_instance_ids}

---

boundIamInstanceProfileArns^Optional

public java.util.List<java.lang.String> getBoundIamInstanceProfileArns();

• Type: java.util.List<java.lang.String>

Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_instance_profile_arns AwsAuthBackendRole#bound_iam_instance_profile_arns}

---

boundIamPrincipalArns^Optional

public java.util.List<java.lang.String> getBoundIamPrincipalArns();

• Type: java.util.List<java.lang.String>

The IAM principal that must be authenticated using the iam auth method.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_principal_arns AwsAuthBackendRole#bound_iam_principal_arns}

---

boundIamRoleArns^Optional

public java.util.List<java.lang.String> getBoundIamRoleArns();

• Type: java.util.List<java.lang.String>

Only EC2 instances that match this IAM role ARN will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_role_arns AwsAuthBackendRole#bound_iam_role_arns}

---

boundRegions^Optional

public java.util.List<java.lang.String> getBoundRegions();

• Type: java.util.List<java.lang.String>

Only EC2 instances in this region will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_regions AwsAuthBackendRole#bound_regions}

---

boundSubnetIds^Optional

public java.util.List<java.lang.String> getBoundSubnetIds();

• Type: java.util.List<java.lang.String>

Only EC2 instances associated with this subnet ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_subnet_ids AwsAuthBackendRole#bound_subnet_ids}

---

boundVpcIds^Optional

public java.util.List<java.lang.String> getBoundVpcIds();

• Type: java.util.List<java.lang.String>

Only EC2 instances associated with this VPC ID will be permitted to log in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_vpc_ids AwsAuthBackendRole#bound_vpc_ids}

---

disallowReauthentication^Optional

public java.lang.Object getDisallowReauthentication();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

When true, only allows a single token to be granted per instance ID.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#disallow_reauthentication AwsAuthBackendRole#disallow_reauthentication}

---

id^Optional

public java.lang.String getId();

• Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

inferredAwsRegion^Optional

public java.lang.String getInferredAwsRegion();

• Type: java.lang.String

The region to search for the inferred entities in.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_aws_region AwsAuthBackendRole#inferred_aws_region}

---

inferredEntityType^Optional

public java.lang.String getInferredEntityType();

• Type: java.lang.String

The type of inferencing Vault should do.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_entity_type AwsAuthBackendRole#inferred_entity_type}

---

namespace^Optional

public java.lang.String getNamespace();

• Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#namespace AwsAuthBackendRole#namespace}

---

resolveAwsUniqueIds^Optional

public java.lang.Object getResolveAwsUniqueIds();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.

When true, deleting a principal and recreating it with the same name won't automatically grant the new principal the same roles in Vault that the old principal had.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#resolve_aws_unique_ids AwsAuthBackendRole#resolve_aws_unique_ids}

---

roleTag^Optional

public java.lang.String getRoleTag();

• Type: java.lang.String

The key of the tag on EC2 instance to use for role tags.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role_tag AwsAuthBackendRole#role_tag}

---

tokenBoundCidrs^Optional

public java.util.List<java.lang.String> getTokenBoundCidrs();

• Type: java.util.List<java.lang.String>

Specifies the blocks of IP addresses which are allowed to use the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_bound_cidrs AwsAuthBackendRole#token_bound_cidrs}

---

tokenExplicitMaxTtl^Optional

public java.lang.Number getTokenExplicitMaxTtl();

• Type: java.lang.Number

Generated Token's Explicit Maximum TTL in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_explicit_max_ttl AwsAuthBackendRole#token_explicit_max_ttl}

---

tokenMaxTtl^Optional

public java.lang.Number getTokenMaxTtl();

• Type: java.lang.Number

The maximum lifetime of the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_max_ttl AwsAuthBackendRole#token_max_ttl}

---

tokenNoDefaultPolicy^Optional

public java.lang.Object getTokenNoDefaultPolicy();

• Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, the 'default' policy will not automatically be added to generated tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_no_default_policy AwsAuthBackendRole#token_no_default_policy}

---

tokenNumUses^Optional

public java.lang.Number getTokenNumUses();

• Type: java.lang.Number

The maximum number of times a token may be used, a value of zero means unlimited.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_num_uses AwsAuthBackendRole#token_num_uses}

---

tokenPeriod^Optional

public java.lang.Number getTokenPeriod();

• Type: java.lang.Number

Generated Token's Period.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_period AwsAuthBackendRole#token_period}

---

tokenPolicies^Optional

public java.util.List<java.lang.String> getTokenPolicies();

• Type: java.util.List<java.lang.String>

Generated Token's Policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_policies AwsAuthBackendRole#token_policies}

---

tokenTtl^Optional

public java.lang.Number getTokenTtl();

• Type: java.lang.Number

The initial ttl of the token to generate in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_ttl AwsAuthBackendRole#token_ttl}

---

tokenType^Optional

public java.lang.String getTokenType();

• Type: java.lang.String

The type of token to generate, service or batch.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_type AwsAuthBackendRole#token_type}

---