Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role}.
from cdktf_cdktf_provider_vault import aws_auth_backend_role
awsAuthBackendRole.AwsAuthBackendRole(
scope: Construct,
id: str,
connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
count: typing.Union[typing.Union[int, float], TerraformCount] = None,
depends_on: typing.List[ITerraformDependable] = None,
for_each: ITerraformIterator = None,
lifecycle: TerraformResourceLifecycle = None,
provider: TerraformProvider = None,
provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
role: str,
allow_instance_migration: typing.Union[bool, IResolvable] = None,
auth_type: str = None,
backend: str = None,
bound_account_ids: typing.List[str] = None,
bound_ami_ids: typing.List[str] = None,
bound_ec2_instance_ids: typing.List[str] = None,
bound_iam_instance_profile_arns: typing.List[str] = None,
bound_iam_principal_arns: typing.List[str] = None,
bound_iam_role_arns: typing.List[str] = None,
bound_regions: typing.List[str] = None,
bound_subnet_ids: typing.List[str] = None,
bound_vpc_ids: typing.List[str] = None,
disallow_reauthentication: typing.Union[bool, IResolvable] = None,
id: str = None,
inferred_aws_region: str = None,
inferred_entity_type: str = None,
namespace: str = None,
resolve_aws_unique_ids: typing.Union[bool, IResolvable] = None,
role_tag: str = None,
token_bound_cidrs: typing.List[str] = None,
token_explicit_max_ttl: typing.Union[int, float] = None,
token_max_ttl: typing.Union[int, float] = None,
token_no_default_policy: typing.Union[bool, IResolvable] = None,
token_num_uses: typing.Union[int, float] = None,
token_period: typing.Union[int, float] = None,
token_policies: typing.List[str] = None,
token_ttl: typing.Union[int, float] = None,
token_type: str = None
)
Name | Type | Description |
---|---|---|
scope |
constructs.Construct |
The scope in which to define this construct. |
id |
str |
The scoped construct ID. |
connection |
typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection] |
No description. |
count |
typing.Union[typing.Union[int, float], cdktf.TerraformCount] |
No description. |
depends_on |
typing.List[cdktf.ITerraformDependable] |
No description. |
for_each |
cdktf.ITerraformIterator |
No description. |
lifecycle |
cdktf.TerraformResourceLifecycle |
No description. |
provider |
cdktf.TerraformProvider |
No description. |
provisioners |
typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]] |
No description. |
role |
str |
Name of the role. |
allow_instance_migration |
typing.Union[bool, cdktf.IResolvable] |
When true, allows migration of the underlying instance where the client resides. Use with caution. |
auth_type |
str |
The auth type permitted for this role. |
backend |
str |
Unique name of the auth backend to configure. |
bound_account_ids |
typing.List[str] |
Only EC2 instances with this account ID in their identity document will be permitted to log in. |
bound_ami_ids |
typing.List[str] |
Only EC2 instances using this AMI ID will be permitted to log in. |
bound_ec2_instance_ids |
typing.List[str] |
Only EC2 instances that match this instance ID will be permitted to log in. |
bound_iam_instance_profile_arns |
typing.List[str] |
Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in. |
bound_iam_principal_arns |
typing.List[str] |
The IAM principal that must be authenticated using the iam auth method. |
bound_iam_role_arns |
typing.List[str] |
Only EC2 instances that match this IAM role ARN will be permitted to log in. |
bound_regions |
typing.List[str] |
Only EC2 instances in this region will be permitted to log in. |
bound_subnet_ids |
typing.List[str] |
Only EC2 instances associated with this subnet ID will be permitted to log in. |
bound_vpc_ids |
typing.List[str] |
Only EC2 instances associated with this VPC ID will be permitted to log in. |
disallow_reauthentication |
typing.Union[bool, cdktf.IResolvable] |
When true, only allows a single token to be granted per instance ID. |
id |
str |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}. |
inferred_aws_region |
str |
The region to search for the inferred entities in. |
inferred_entity_type |
str |
The type of inferencing Vault should do. |
namespace |
str |
Target namespace. (requires Enterprise). |
resolve_aws_unique_ids |
typing.Union[bool, cdktf.IResolvable] |
Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID. |
role_tag |
str |
The key of the tag on EC2 instance to use for role tags. |
token_bound_cidrs |
typing.List[str] |
Specifies the blocks of IP addresses which are allowed to use the generated token. |
token_explicit_max_ttl |
typing.Union[int, float] |
Generated Token's Explicit Maximum TTL in seconds. |
token_max_ttl |
typing.Union[int, float] |
The maximum lifetime of the generated token. |
token_no_default_policy |
typing.Union[bool, cdktf.IResolvable] |
If true, the 'default' policy will not automatically be added to generated tokens. |
token_num_uses |
typing.Union[int, float] |
The maximum number of times a token may be used, a value of zero means unlimited. |
token_period |
typing.Union[int, float] |
Generated Token's Period. |
token_policies |
typing.List[str] |
Generated Token's Policies. |
token_ttl |
typing.Union[int, float] |
The initial ttl of the token to generate in seconds. |
token_type |
str |
The type of token to generate, service or batch. |
- Type: constructs.Construct
The scope in which to define this construct.
- Type: str
The scoped construct ID.
Must be unique amongst siblings in the same scope
- Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]
- Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]
- Type: typing.List[cdktf.ITerraformDependable]
- Type: cdktf.ITerraformIterator
- Type: cdktf.TerraformResourceLifecycle
- Type: cdktf.TerraformProvider
- Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]
- Type: str
Name of the role.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role AwsAuthBackendRole#role}
- Type: typing.Union[bool, cdktf.IResolvable]
When true, allows migration of the underlying instance where the client resides. Use with caution.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#allow_instance_migration AwsAuthBackendRole#allow_instance_migration}
- Type: str
The auth type permitted for this role.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#auth_type AwsAuthBackendRole#auth_type}
- Type: str
Unique name of the auth backend to configure.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#backend AwsAuthBackendRole#backend}
- Type: typing.List[str]
Only EC2 instances with this account ID in their identity document will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_account_ids AwsAuthBackendRole#bound_account_ids}
- Type: typing.List[str]
Only EC2 instances using this AMI ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ami_ids AwsAuthBackendRole#bound_ami_ids}
- Type: typing.List[str]
Only EC2 instances that match this instance ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ec2_instance_ids AwsAuthBackendRole#bound_ec2_instance_ids}
- Type: typing.List[str]
Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_instance_profile_arns AwsAuthBackendRole#bound_iam_instance_profile_arns}
- Type: typing.List[str]
The IAM principal that must be authenticated using the iam auth method.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_principal_arns AwsAuthBackendRole#bound_iam_principal_arns}
- Type: typing.List[str]
Only EC2 instances that match this IAM role ARN will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_role_arns AwsAuthBackendRole#bound_iam_role_arns}
- Type: typing.List[str]
Only EC2 instances in this region will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_regions AwsAuthBackendRole#bound_regions}
- Type: typing.List[str]
Only EC2 instances associated with this subnet ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_subnet_ids AwsAuthBackendRole#bound_subnet_ids}
- Type: typing.List[str]
Only EC2 instances associated with this VPC ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_vpc_ids AwsAuthBackendRole#bound_vpc_ids}
- Type: typing.Union[bool, cdktf.IResolvable]
When true, only allows a single token to be granted per instance ID.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#disallow_reauthentication AwsAuthBackendRole#disallow_reauthentication}
- Type: str
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
- Type: str
The region to search for the inferred entities in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_aws_region AwsAuthBackendRole#inferred_aws_region}
- Type: str
The type of inferencing Vault should do.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_entity_type AwsAuthBackendRole#inferred_entity_type}
- Type: str
Target namespace. (requires Enterprise).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#namespace AwsAuthBackendRole#namespace}
- Type: typing.Union[bool, cdktf.IResolvable]
Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.
When true, deleting a principal and recreating it with the same name won't automatically grant the new principal the same roles in Vault that the old principal had.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#resolve_aws_unique_ids AwsAuthBackendRole#resolve_aws_unique_ids}
- Type: str
The key of the tag on EC2 instance to use for role tags.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role_tag AwsAuthBackendRole#role_tag}
- Type: typing.List[str]
Specifies the blocks of IP addresses which are allowed to use the generated token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_bound_cidrs AwsAuthBackendRole#token_bound_cidrs}
- Type: typing.Union[int, float]
Generated Token's Explicit Maximum TTL in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_explicit_max_ttl AwsAuthBackendRole#token_explicit_max_ttl}
- Type: typing.Union[int, float]
The maximum lifetime of the generated token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_max_ttl AwsAuthBackendRole#token_max_ttl}
- Type: typing.Union[bool, cdktf.IResolvable]
If true, the 'default' policy will not automatically be added to generated tokens.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_no_default_policy AwsAuthBackendRole#token_no_default_policy}
- Type: typing.Union[int, float]
The maximum number of times a token may be used, a value of zero means unlimited.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_num_uses AwsAuthBackendRole#token_num_uses}
- Type: typing.Union[int, float]
Generated Token's Period.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_period AwsAuthBackendRole#token_period}
- Type: typing.List[str]
Generated Token's Policies.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_policies AwsAuthBackendRole#token_policies}
- Type: typing.Union[int, float]
The initial ttl of the token to generate in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_ttl AwsAuthBackendRole#token_ttl}
- Type: str
The type of token to generate, service or batch.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_type AwsAuthBackendRole#token_type}
Name | Description |
---|---|
to_string |
Returns a string representation of this construct. |
add_override |
No description. |
override_logical_id |
Overrides the auto-generated logical ID with a specific ID. |
reset_override_logical_id |
Resets a previously passed logical Id to use the auto-generated logical id again. |
to_hcl_terraform |
No description. |
to_metadata |
No description. |
to_terraform |
Adds this resource to the terraform JSON output. |
add_move_target |
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move. |
get_any_map_attribute |
No description. |
get_boolean_attribute |
No description. |
get_boolean_map_attribute |
No description. |
get_list_attribute |
No description. |
get_number_attribute |
No description. |
get_number_list_attribute |
No description. |
get_number_map_attribute |
No description. |
get_string_attribute |
No description. |
get_string_map_attribute |
No description. |
has_resource_move |
No description. |
import_from |
No description. |
interpolation_for_attribute |
No description. |
move_from_id |
Move the resource corresponding to "id" to this resource. |
move_to |
Moves this resource to the target resource given by moveTarget. |
move_to_id |
Moves this resource to the resource corresponding to "id". |
reset_allow_instance_migration |
No description. |
reset_auth_type |
No description. |
reset_backend |
No description. |
reset_bound_account_ids |
No description. |
reset_bound_ami_ids |
No description. |
reset_bound_ec2_instance_ids |
No description. |
reset_bound_iam_instance_profile_arns |
No description. |
reset_bound_iam_principal_arns |
No description. |
reset_bound_iam_role_arns |
No description. |
reset_bound_regions |
No description. |
reset_bound_subnet_ids |
No description. |
reset_bound_vpc_ids |
No description. |
reset_disallow_reauthentication |
No description. |
reset_id |
No description. |
reset_inferred_aws_region |
No description. |
reset_inferred_entity_type |
No description. |
reset_namespace |
No description. |
reset_resolve_aws_unique_ids |
No description. |
reset_role_tag |
No description. |
reset_token_bound_cidrs |
No description. |
reset_token_explicit_max_ttl |
No description. |
reset_token_max_ttl |
No description. |
reset_token_no_default_policy |
No description. |
reset_token_num_uses |
No description. |
reset_token_period |
No description. |
reset_token_policies |
No description. |
reset_token_ttl |
No description. |
reset_token_type |
No description. |
def to_string() -> str
Returns a string representation of this construct.
def add_override(
path: str,
value: typing.Any
) -> None
- Type: str
- Type: typing.Any
def override_logical_id(
new_logical_id: str
) -> None
Overrides the auto-generated logical ID with a specific ID.
- Type: str
The new logical ID to use for this stack element.
def reset_override_logical_id() -> None
Resets a previously passed logical Id to use the auto-generated logical id again.
def to_hcl_terraform() -> typing.Any
def to_metadata() -> typing.Any
def to_terraform() -> typing.Any
Adds this resource to the terraform JSON output.
def add_move_target(
move_target: str
) -> None
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
- Type: str
The string move target that will correspond to this resource.
def get_any_map_attribute(
terraform_attribute: str
) -> typing.Mapping[typing.Any]
- Type: str
def get_boolean_attribute(
terraform_attribute: str
) -> IResolvable
- Type: str
def get_boolean_map_attribute(
terraform_attribute: str
) -> typing.Mapping[bool]
- Type: str
def get_list_attribute(
terraform_attribute: str
) -> typing.List[str]
- Type: str
def get_number_attribute(
terraform_attribute: str
) -> typing.Union[int, float]
- Type: str
def get_number_list_attribute(
terraform_attribute: str
) -> typing.List[typing.Union[int, float]]
- Type: str
def get_number_map_attribute(
terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]
- Type: str
def get_string_attribute(
terraform_attribute: str
) -> str
- Type: str
def get_string_map_attribute(
terraform_attribute: str
) -> typing.Mapping[str]
- Type: str
def has_resource_move() -> typing.Union[TerraformResourceMoveByTarget, TerraformResourceMoveById]
def import_from(
id: str,
provider: TerraformProvider = None
) -> None
- Type: str
- Type: cdktf.TerraformProvider
def interpolation_for_attribute(
terraform_attribute: str
) -> IResolvable
- Type: str
def move_from_id(
id: str
) -> None
Move the resource corresponding to "id" to this resource.
Note that the resource being moved from must be marked as moved using it's instance function.
- Type: str
Full id of resource being moved from, e.g. "aws_s3_bucket.example".
def move_to(
move_target: str,
index: typing.Union[str, typing.Union[int, float]] = None
) -> None
Moves this resource to the target resource given by moveTarget.
- Type: str
The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.
- Type: typing.Union[str, typing.Union[int, float]]
Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.
def move_to_id(
id: str
) -> None
Moves this resource to the resource corresponding to "id".
- Type: str
Full id of resource to move to, e.g. "aws_s3_bucket.example".
def reset_allow_instance_migration() -> None
def reset_auth_type() -> None
def reset_backend() -> None
def reset_bound_account_ids() -> None
def reset_bound_ami_ids() -> None
def reset_bound_ec2_instance_ids() -> None
def reset_bound_iam_instance_profile_arns() -> None
def reset_bound_iam_principal_arns() -> None
def reset_bound_iam_role_arns() -> None
def reset_bound_regions() -> None
def reset_bound_subnet_ids() -> None
def reset_bound_vpc_ids() -> None
def reset_disallow_reauthentication() -> None
def reset_id() -> None
def reset_inferred_aws_region() -> None
def reset_inferred_entity_type() -> None
def reset_namespace() -> None
def reset_resolve_aws_unique_ids() -> None
def reset_role_tag() -> None
def reset_token_bound_cidrs() -> None
def reset_token_explicit_max_ttl() -> None
def reset_token_max_ttl() -> None
def reset_token_no_default_policy() -> None
def reset_token_num_uses() -> None
def reset_token_period() -> None
def reset_token_policies() -> None
def reset_token_ttl() -> None
def reset_token_type() -> None
Name | Description |
---|---|
is_construct |
Checks if x is a construct. |
is_terraform_element |
No description. |
is_terraform_resource |
No description. |
generate_config_for_import |
Generates CDKTF code for importing a AwsAuthBackendRole resource upon running "cdktf plan ". |
from cdktf_cdktf_provider_vault import aws_auth_backend_role
awsAuthBackendRole.AwsAuthBackendRole.is_construct(
x: typing.Any
)
Checks if x
is a construct.
Use this method instead of instanceof
to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs
library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct
in each copy of the constructs
library
is seen as a different class, and an instance of one class will not test as
instanceof
the other class. npm install
will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof
will behave
unpredictably. It is safest to avoid using instanceof
, and using
this type-testing method instead.
- Type: typing.Any
Any object.
from cdktf_cdktf_provider_vault import aws_auth_backend_role
awsAuthBackendRole.AwsAuthBackendRole.is_terraform_element(
x: typing.Any
)
- Type: typing.Any
from cdktf_cdktf_provider_vault import aws_auth_backend_role
awsAuthBackendRole.AwsAuthBackendRole.is_terraform_resource(
x: typing.Any
)
- Type: typing.Any
from cdktf_cdktf_provider_vault import aws_auth_backend_role
awsAuthBackendRole.AwsAuthBackendRole.generate_config_for_import(
scope: Construct,
import_to_id: str,
import_from_id: str,
provider: TerraformProvider = None
)
Generates CDKTF code for importing a AwsAuthBackendRole resource upon running "cdktf plan ".
- Type: constructs.Construct
The scope in which to define this construct.
- Type: str
The construct id used in the generated config for the AwsAuthBackendRole to import.
- Type: str
The id of the existing AwsAuthBackendRole that should be imported.
Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#import import section} in the documentation of this resource for the id to use
- Type: cdktf.TerraformProvider
? Optional instance of the provider where the AwsAuthBackendRole to import is found.
Name | Type | Description |
---|---|---|
node |
constructs.Node |
The tree node. |
cdktf_stack |
cdktf.TerraformStack |
No description. |
fqn |
str |
No description. |
friendly_unique_id |
str |
No description. |
terraform_meta_arguments |
typing.Mapping[typing.Any] |
No description. |
terraform_resource_type |
str |
No description. |
terraform_generator_metadata |
cdktf.TerraformProviderGeneratorMetadata |
No description. |
connection |
typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection] |
No description. |
count |
typing.Union[typing.Union[int, float], cdktf.TerraformCount] |
No description. |
depends_on |
typing.List[str] |
No description. |
for_each |
cdktf.ITerraformIterator |
No description. |
lifecycle |
cdktf.TerraformResourceLifecycle |
No description. |
provider |
cdktf.TerraformProvider |
No description. |
provisioners |
typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]] |
No description. |
role_id |
str |
No description. |
allow_instance_migration_input |
typing.Union[bool, cdktf.IResolvable] |
No description. |
auth_type_input |
str |
No description. |
backend_input |
str |
No description. |
bound_account_ids_input |
typing.List[str] |
No description. |
bound_ami_ids_input |
typing.List[str] |
No description. |
bound_ec2_instance_ids_input |
typing.List[str] |
No description. |
bound_iam_instance_profile_arns_input |
typing.List[str] |
No description. |
bound_iam_principal_arns_input |
typing.List[str] |
No description. |
bound_iam_role_arns_input |
typing.List[str] |
No description. |
bound_regions_input |
typing.List[str] |
No description. |
bound_subnet_ids_input |
typing.List[str] |
No description. |
bound_vpc_ids_input |
typing.List[str] |
No description. |
disallow_reauthentication_input |
typing.Union[bool, cdktf.IResolvable] |
No description. |
id_input |
str |
No description. |
inferred_aws_region_input |
str |
No description. |
inferred_entity_type_input |
str |
No description. |
namespace_input |
str |
No description. |
resolve_aws_unique_ids_input |
typing.Union[bool, cdktf.IResolvable] |
No description. |
role_input |
str |
No description. |
role_tag_input |
str |
No description. |
token_bound_cidrs_input |
typing.List[str] |
No description. |
token_explicit_max_ttl_input |
typing.Union[int, float] |
No description. |
token_max_ttl_input |
typing.Union[int, float] |
No description. |
token_no_default_policy_input |
typing.Union[bool, cdktf.IResolvable] |
No description. |
token_num_uses_input |
typing.Union[int, float] |
No description. |
token_period_input |
typing.Union[int, float] |
No description. |
token_policies_input |
typing.List[str] |
No description. |
token_ttl_input |
typing.Union[int, float] |
No description. |
token_type_input |
str |
No description. |
allow_instance_migration |
typing.Union[bool, cdktf.IResolvable] |
No description. |
auth_type |
str |
No description. |
backend |
str |
No description. |
bound_account_ids |
typing.List[str] |
No description. |
bound_ami_ids |
typing.List[str] |
No description. |
bound_ec2_instance_ids |
typing.List[str] |
No description. |
bound_iam_instance_profile_arns |
typing.List[str] |
No description. |
bound_iam_principal_arns |
typing.List[str] |
No description. |
bound_iam_role_arns |
typing.List[str] |
No description. |
bound_regions |
typing.List[str] |
No description. |
bound_subnet_ids |
typing.List[str] |
No description. |
bound_vpc_ids |
typing.List[str] |
No description. |
disallow_reauthentication |
typing.Union[bool, cdktf.IResolvable] |
No description. |
id |
str |
No description. |
inferred_aws_region |
str |
No description. |
inferred_entity_type |
str |
No description. |
namespace |
str |
No description. |
resolve_aws_unique_ids |
typing.Union[bool, cdktf.IResolvable] |
No description. |
role |
str |
No description. |
role_tag |
str |
No description. |
token_bound_cidrs |
typing.List[str] |
No description. |
token_explicit_max_ttl |
typing.Union[int, float] |
No description. |
token_max_ttl |
typing.Union[int, float] |
No description. |
token_no_default_policy |
typing.Union[bool, cdktf.IResolvable] |
No description. |
token_num_uses |
typing.Union[int, float] |
No description. |
token_period |
typing.Union[int, float] |
No description. |
token_policies |
typing.List[str] |
No description. |
token_ttl |
typing.Union[int, float] |
No description. |
token_type |
str |
No description. |
node: Node
- Type: constructs.Node
The tree node.
cdktf_stack: TerraformStack
- Type: cdktf.TerraformStack
fqn: str
- Type: str
friendly_unique_id: str
- Type: str
terraform_meta_arguments: typing.Mapping[typing.Any]
- Type: typing.Mapping[typing.Any]
terraform_resource_type: str
- Type: str
terraform_generator_metadata: TerraformProviderGeneratorMetadata
- Type: cdktf.TerraformProviderGeneratorMetadata
connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]
- Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]
count: typing.Union[typing.Union[int, float], TerraformCount]
- Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]
depends_on: typing.List[str]
- Type: typing.List[str]
for_each: ITerraformIterator
- Type: cdktf.ITerraformIterator
lifecycle: TerraformResourceLifecycle
- Type: cdktf.TerraformResourceLifecycle
provider: TerraformProvider
- Type: cdktf.TerraformProvider
provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]
- Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]
role_id: str
- Type: str
allow_instance_migration_input: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
auth_type_input: str
- Type: str
backend_input: str
- Type: str
bound_account_ids_input: typing.List[str]
- Type: typing.List[str]
bound_ami_ids_input: typing.List[str]
- Type: typing.List[str]
bound_ec2_instance_ids_input: typing.List[str]
- Type: typing.List[str]
bound_iam_instance_profile_arns_input: typing.List[str]
- Type: typing.List[str]
bound_iam_principal_arns_input: typing.List[str]
- Type: typing.List[str]
bound_iam_role_arns_input: typing.List[str]
- Type: typing.List[str]
bound_regions_input: typing.List[str]
- Type: typing.List[str]
bound_subnet_ids_input: typing.List[str]
- Type: typing.List[str]
bound_vpc_ids_input: typing.List[str]
- Type: typing.List[str]
disallow_reauthentication_input: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
id_input: str
- Type: str
inferred_aws_region_input: str
- Type: str
inferred_entity_type_input: str
- Type: str
namespace_input: str
- Type: str
resolve_aws_unique_ids_input: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
role_input: str
- Type: str
role_tag_input: str
- Type: str
token_bound_cidrs_input: typing.List[str]
- Type: typing.List[str]
token_explicit_max_ttl_input: typing.Union[int, float]
- Type: typing.Union[int, float]
token_max_ttl_input: typing.Union[int, float]
- Type: typing.Union[int, float]
token_no_default_policy_input: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
token_num_uses_input: typing.Union[int, float]
- Type: typing.Union[int, float]
token_period_input: typing.Union[int, float]
- Type: typing.Union[int, float]
token_policies_input: typing.List[str]
- Type: typing.List[str]
token_ttl_input: typing.Union[int, float]
- Type: typing.Union[int, float]
token_type_input: str
- Type: str
allow_instance_migration: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
auth_type: str
- Type: str
backend: str
- Type: str
bound_account_ids: typing.List[str]
- Type: typing.List[str]
bound_ami_ids: typing.List[str]
- Type: typing.List[str]
bound_ec2_instance_ids: typing.List[str]
- Type: typing.List[str]
bound_iam_instance_profile_arns: typing.List[str]
- Type: typing.List[str]
bound_iam_principal_arns: typing.List[str]
- Type: typing.List[str]
bound_iam_role_arns: typing.List[str]
- Type: typing.List[str]
bound_regions: typing.List[str]
- Type: typing.List[str]
bound_subnet_ids: typing.List[str]
- Type: typing.List[str]
bound_vpc_ids: typing.List[str]
- Type: typing.List[str]
disallow_reauthentication: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
id: str
- Type: str
inferred_aws_region: str
- Type: str
inferred_entity_type: str
- Type: str
namespace: str
- Type: str
resolve_aws_unique_ids: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
role: str
- Type: str
role_tag: str
- Type: str
token_bound_cidrs: typing.List[str]
- Type: typing.List[str]
token_explicit_max_ttl: typing.Union[int, float]
- Type: typing.Union[int, float]
token_max_ttl: typing.Union[int, float]
- Type: typing.Union[int, float]
token_no_default_policy: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
token_num_uses: typing.Union[int, float]
- Type: typing.Union[int, float]
token_period: typing.Union[int, float]
- Type: typing.Union[int, float]
token_policies: typing.List[str]
- Type: typing.List[str]
token_ttl: typing.Union[int, float]
- Type: typing.Union[int, float]
token_type: str
- Type: str
Name | Type | Description |
---|---|---|
tfResourceType |
str |
No description. |
tfResourceType: str
- Type: str
from cdktf_cdktf_provider_vault import aws_auth_backend_role
awsAuthBackendRole.AwsAuthBackendRoleConfig(
connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
count: typing.Union[typing.Union[int, float], TerraformCount] = None,
depends_on: typing.List[ITerraformDependable] = None,
for_each: ITerraformIterator = None,
lifecycle: TerraformResourceLifecycle = None,
provider: TerraformProvider = None,
provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
role: str,
allow_instance_migration: typing.Union[bool, IResolvable] = None,
auth_type: str = None,
backend: str = None,
bound_account_ids: typing.List[str] = None,
bound_ami_ids: typing.List[str] = None,
bound_ec2_instance_ids: typing.List[str] = None,
bound_iam_instance_profile_arns: typing.List[str] = None,
bound_iam_principal_arns: typing.List[str] = None,
bound_iam_role_arns: typing.List[str] = None,
bound_regions: typing.List[str] = None,
bound_subnet_ids: typing.List[str] = None,
bound_vpc_ids: typing.List[str] = None,
disallow_reauthentication: typing.Union[bool, IResolvable] = None,
id: str = None,
inferred_aws_region: str = None,
inferred_entity_type: str = None,
namespace: str = None,
resolve_aws_unique_ids: typing.Union[bool, IResolvable] = None,
role_tag: str = None,
token_bound_cidrs: typing.List[str] = None,
token_explicit_max_ttl: typing.Union[int, float] = None,
token_max_ttl: typing.Union[int, float] = None,
token_no_default_policy: typing.Union[bool, IResolvable] = None,
token_num_uses: typing.Union[int, float] = None,
token_period: typing.Union[int, float] = None,
token_policies: typing.List[str] = None,
token_ttl: typing.Union[int, float] = None,
token_type: str = None
)
Name | Type | Description |
---|---|---|
connection |
typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection] |
No description. |
count |
typing.Union[typing.Union[int, float], cdktf.TerraformCount] |
No description. |
depends_on |
typing.List[cdktf.ITerraformDependable] |
No description. |
for_each |
cdktf.ITerraformIterator |
No description. |
lifecycle |
cdktf.TerraformResourceLifecycle |
No description. |
provider |
cdktf.TerraformProvider |
No description. |
provisioners |
typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]] |
No description. |
role |
str |
Name of the role. |
allow_instance_migration |
typing.Union[bool, cdktf.IResolvable] |
When true, allows migration of the underlying instance where the client resides. Use with caution. |
auth_type |
str |
The auth type permitted for this role. |
backend |
str |
Unique name of the auth backend to configure. |
bound_account_ids |
typing.List[str] |
Only EC2 instances with this account ID in their identity document will be permitted to log in. |
bound_ami_ids |
typing.List[str] |
Only EC2 instances using this AMI ID will be permitted to log in. |
bound_ec2_instance_ids |
typing.List[str] |
Only EC2 instances that match this instance ID will be permitted to log in. |
bound_iam_instance_profile_arns |
typing.List[str] |
Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in. |
bound_iam_principal_arns |
typing.List[str] |
The IAM principal that must be authenticated using the iam auth method. |
bound_iam_role_arns |
typing.List[str] |
Only EC2 instances that match this IAM role ARN will be permitted to log in. |
bound_regions |
typing.List[str] |
Only EC2 instances in this region will be permitted to log in. |
bound_subnet_ids |
typing.List[str] |
Only EC2 instances associated with this subnet ID will be permitted to log in. |
bound_vpc_ids |
typing.List[str] |
Only EC2 instances associated with this VPC ID will be permitted to log in. |
disallow_reauthentication |
typing.Union[bool, cdktf.IResolvable] |
When true, only allows a single token to be granted per instance ID. |
id |
str |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}. |
inferred_aws_region |
str |
The region to search for the inferred entities in. |
inferred_entity_type |
str |
The type of inferencing Vault should do. |
namespace |
str |
Target namespace. (requires Enterprise). |
resolve_aws_unique_ids |
typing.Union[bool, cdktf.IResolvable] |
Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID. |
role_tag |
str |
The key of the tag on EC2 instance to use for role tags. |
token_bound_cidrs |
typing.List[str] |
Specifies the blocks of IP addresses which are allowed to use the generated token. |
token_explicit_max_ttl |
typing.Union[int, float] |
Generated Token's Explicit Maximum TTL in seconds. |
token_max_ttl |
typing.Union[int, float] |
The maximum lifetime of the generated token. |
token_no_default_policy |
typing.Union[bool, cdktf.IResolvable] |
If true, the 'default' policy will not automatically be added to generated tokens. |
token_num_uses |
typing.Union[int, float] |
The maximum number of times a token may be used, a value of zero means unlimited. |
token_period |
typing.Union[int, float] |
Generated Token's Period. |
token_policies |
typing.List[str] |
Generated Token's Policies. |
token_ttl |
typing.Union[int, float] |
The initial ttl of the token to generate in seconds. |
token_type |
str |
The type of token to generate, service or batch. |
connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]
- Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]
count: typing.Union[typing.Union[int, float], TerraformCount]
- Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]
depends_on: typing.List[ITerraformDependable]
- Type: typing.List[cdktf.ITerraformDependable]
for_each: ITerraformIterator
- Type: cdktf.ITerraformIterator
lifecycle: TerraformResourceLifecycle
- Type: cdktf.TerraformResourceLifecycle
provider: TerraformProvider
- Type: cdktf.TerraformProvider
provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]
- Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]
role: str
- Type: str
Name of the role.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role AwsAuthBackendRole#role}
allow_instance_migration: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
When true, allows migration of the underlying instance where the client resides. Use with caution.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#allow_instance_migration AwsAuthBackendRole#allow_instance_migration}
auth_type: str
- Type: str
The auth type permitted for this role.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#auth_type AwsAuthBackendRole#auth_type}
backend: str
- Type: str
Unique name of the auth backend to configure.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#backend AwsAuthBackendRole#backend}
bound_account_ids: typing.List[str]
- Type: typing.List[str]
Only EC2 instances with this account ID in their identity document will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_account_ids AwsAuthBackendRole#bound_account_ids}
bound_ami_ids: typing.List[str]
- Type: typing.List[str]
Only EC2 instances using this AMI ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ami_ids AwsAuthBackendRole#bound_ami_ids}
bound_ec2_instance_ids: typing.List[str]
- Type: typing.List[str]
Only EC2 instances that match this instance ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_ec2_instance_ids AwsAuthBackendRole#bound_ec2_instance_ids}
bound_iam_instance_profile_arns: typing.List[str]
- Type: typing.List[str]
Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_instance_profile_arns AwsAuthBackendRole#bound_iam_instance_profile_arns}
bound_iam_principal_arns: typing.List[str]
- Type: typing.List[str]
The IAM principal that must be authenticated using the iam auth method.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_principal_arns AwsAuthBackendRole#bound_iam_principal_arns}
bound_iam_role_arns: typing.List[str]
- Type: typing.List[str]
Only EC2 instances that match this IAM role ARN will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_iam_role_arns AwsAuthBackendRole#bound_iam_role_arns}
bound_regions: typing.List[str]
- Type: typing.List[str]
Only EC2 instances in this region will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_regions AwsAuthBackendRole#bound_regions}
bound_subnet_ids: typing.List[str]
- Type: typing.List[str]
Only EC2 instances associated with this subnet ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_subnet_ids AwsAuthBackendRole#bound_subnet_ids}
bound_vpc_ids: typing.List[str]
- Type: typing.List[str]
Only EC2 instances associated with this VPC ID will be permitted to log in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#bound_vpc_ids AwsAuthBackendRole#bound_vpc_ids}
disallow_reauthentication: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
When true, only allows a single token to be granted per instance ID.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#disallow_reauthentication AwsAuthBackendRole#disallow_reauthentication}
id: str
- Type: str
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
inferred_aws_region: str
- Type: str
The region to search for the inferred entities in.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_aws_region AwsAuthBackendRole#inferred_aws_region}
inferred_entity_type: str
- Type: str
The type of inferencing Vault should do.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#inferred_entity_type AwsAuthBackendRole#inferred_entity_type}
namespace: str
- Type: str
Target namespace. (requires Enterprise).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#namespace AwsAuthBackendRole#namespace}
resolve_aws_unique_ids: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.
When true, deleting a principal and recreating it with the same name won't automatically grant the new principal the same roles in Vault that the old principal had.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#resolve_aws_unique_ids AwsAuthBackendRole#resolve_aws_unique_ids}
role_tag: str
- Type: str
The key of the tag on EC2 instance to use for role tags.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#role_tag AwsAuthBackendRole#role_tag}
token_bound_cidrs: typing.List[str]
- Type: typing.List[str]
Specifies the blocks of IP addresses which are allowed to use the generated token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_bound_cidrs AwsAuthBackendRole#token_bound_cidrs}
token_explicit_max_ttl: typing.Union[int, float]
- Type: typing.Union[int, float]
Generated Token's Explicit Maximum TTL in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_explicit_max_ttl AwsAuthBackendRole#token_explicit_max_ttl}
token_max_ttl: typing.Union[int, float]
- Type: typing.Union[int, float]
The maximum lifetime of the generated token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_max_ttl AwsAuthBackendRole#token_max_ttl}
token_no_default_policy: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, cdktf.IResolvable]
If true, the 'default' policy will not automatically be added to generated tokens.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_no_default_policy AwsAuthBackendRole#token_no_default_policy}
token_num_uses: typing.Union[int, float]
- Type: typing.Union[int, float]
The maximum number of times a token may be used, a value of zero means unlimited.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_num_uses AwsAuthBackendRole#token_num_uses}
token_period: typing.Union[int, float]
- Type: typing.Union[int, float]
Generated Token's Period.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_period AwsAuthBackendRole#token_period}
token_policies: typing.List[str]
- Type: typing.List[str]
Generated Token's Policies.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_policies AwsAuthBackendRole#token_policies}
token_ttl: typing.Union[int, float]
- Type: typing.Union[int, float]
The initial ttl of the token to generate in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_ttl AwsAuthBackendRole#token_ttl}
token_type: str
- Type: str
The type of token to generate, service or batch.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/aws_auth_backend_role#token_type AwsAuthBackendRole#token_type}