README
¶
vault_aws_auth_backend_role
Refer to the Terraform Registry for docs: vault_aws_auth_backend_role.
Documentation
¶
Index ¶
- func AwsAuthBackendRole_GenerateConfigForImport(scope constructs.Construct, importToId *string, importFromId *string, ...) cdktf.ImportableResource
- func AwsAuthBackendRole_IsConstruct(x interface{}) *bool
- func AwsAuthBackendRole_IsTerraformElement(x interface{}) *bool
- func AwsAuthBackendRole_IsTerraformResource(x interface{}) *bool
- func AwsAuthBackendRole_TfResourceType() *string
- func NewAwsAuthBackendRole_Override(a AwsAuthBackendRole, scope constructs.Construct, id *string, ...)
- type AwsAuthBackendRole
- type AwsAuthBackendRoleConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AwsAuthBackendRole_GenerateConfigForImport ¶
func AwsAuthBackendRole_GenerateConfigForImport(scope constructs.Construct, importToId *string, importFromId *string, provider cdktf.TerraformProvider) cdktf.ImportableResource
Generates CDKTF code for importing a AwsAuthBackendRole resource upon running "cdktf plan <stack-name>".
func AwsAuthBackendRole_IsConstruct ¶
func AwsAuthBackendRole_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func AwsAuthBackendRole_IsTerraformElement ¶
func AwsAuthBackendRole_IsTerraformElement(x interface{}) *bool
Experimental.
func AwsAuthBackendRole_IsTerraformResource ¶
func AwsAuthBackendRole_IsTerraformResource(x interface{}) *bool
Experimental.
func AwsAuthBackendRole_TfResourceType ¶
func AwsAuthBackendRole_TfResourceType() *string
func NewAwsAuthBackendRole_Override ¶
func NewAwsAuthBackendRole_Override(a AwsAuthBackendRole, scope constructs.Construct, id *string, config *AwsAuthBackendRoleConfig)
Create a new {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role} Resource.
Types ¶
type AwsAuthBackendRole ¶
type AwsAuthBackendRole interface {
cdktf.TerraformResource
AllowInstanceMigration() interface{}
SetAllowInstanceMigration(val interface{})
AllowInstanceMigrationInput() interface{}
AuthType() *string
SetAuthType(val *string)
AuthTypeInput() *string
Backend() *string
SetBackend(val *string)
BackendInput() *string
BoundAccountIds() *[]*string
SetBoundAccountIds(val *[]*string)
BoundAccountIdsInput() *[]*string
BoundAmiIds() *[]*string
SetBoundAmiIds(val *[]*string)
BoundAmiIdsInput() *[]*string
BoundEc2InstanceIds() *[]*string
SetBoundEc2InstanceIds(val *[]*string)
BoundEc2InstanceIdsInput() *[]*string
BoundIamInstanceProfileArns() *[]*string
SetBoundIamInstanceProfileArns(val *[]*string)
BoundIamInstanceProfileArnsInput() *[]*string
BoundIamPrincipalArns() *[]*string
SetBoundIamPrincipalArns(val *[]*string)
BoundIamPrincipalArnsInput() *[]*string
BoundIamRoleArns() *[]*string
SetBoundIamRoleArns(val *[]*string)
BoundIamRoleArnsInput() *[]*string
BoundRegions() *[]*string
SetBoundRegions(val *[]*string)
BoundRegionsInput() *[]*string
BoundSubnetIds() *[]*string
SetBoundSubnetIds(val *[]*string)
BoundSubnetIdsInput() *[]*string
BoundVpcIds() *[]*string
SetBoundVpcIds(val *[]*string)
BoundVpcIdsInput() *[]*string
// Experimental.
CdktfStack() cdktf.TerraformStack
// Experimental.
Connection() interface{}
// Experimental.
SetConnection(val interface{})
// Experimental.
ConstructNodeMetadata() *map[string]interface{}
// Experimental.
Count() interface{}
// Experimental.
SetCount(val interface{})
// Experimental.
DependsOn() *[]*string
// Experimental.
SetDependsOn(val *[]*string)
DisallowReauthentication() interface{}
SetDisallowReauthentication(val interface{})
DisallowReauthenticationInput() interface{}
// Experimental.
ForEach() cdktf.ITerraformIterator
// Experimental.
SetForEach(val cdktf.ITerraformIterator)
// Experimental.
Fqn() *string
// Experimental.
FriendlyUniqueId() *string
Id() *string
SetId(val *string)
IdInput() *string
InferredAwsRegion() *string
SetInferredAwsRegion(val *string)
InferredAwsRegionInput() *string
InferredEntityType() *string
SetInferredEntityType(val *string)
InferredEntityTypeInput() *string
// Experimental.
Lifecycle() *cdktf.TerraformResourceLifecycle
// Experimental.
SetLifecycle(val *cdktf.TerraformResourceLifecycle)
Namespace() *string
SetNamespace(val *string)
NamespaceInput() *string
// The tree node.
Node() constructs.Node
// Experimental.
Provider() cdktf.TerraformProvider
// Experimental.
SetProvider(val cdktf.TerraformProvider)
// Experimental.
Provisioners() *[]interface{}
// Experimental.
SetProvisioners(val *[]interface{})
// Experimental.
RawOverrides() interface{}
ResolveAwsUniqueIds() interface{}
SetResolveAwsUniqueIds(val interface{})
ResolveAwsUniqueIdsInput() interface{}
Role() *string
SetRole(val *string)
RoleId() *string
RoleInput() *string
RoleTag() *string
SetRoleTag(val *string)
RoleTagInput() *string
// Experimental.
TerraformGeneratorMetadata() *cdktf.TerraformProviderGeneratorMetadata
// Experimental.
TerraformMetaArguments() *map[string]interface{}
// Experimental.
TerraformResourceType() *string
TokenBoundCidrs() *[]*string
SetTokenBoundCidrs(val *[]*string)
TokenBoundCidrsInput() *[]*string
TokenExplicitMaxTtl() *float64
SetTokenExplicitMaxTtl(val *float64)
TokenExplicitMaxTtlInput() *float64
TokenMaxTtl() *float64
SetTokenMaxTtl(val *float64)
TokenMaxTtlInput() *float64
TokenNoDefaultPolicy() interface{}
SetTokenNoDefaultPolicy(val interface{})
TokenNoDefaultPolicyInput() interface{}
TokenNumUses() *float64
SetTokenNumUses(val *float64)
TokenNumUsesInput() *float64
TokenPeriod() *float64
SetTokenPeriod(val *float64)
TokenPeriodInput() *float64
TokenPolicies() *[]*string
SetTokenPolicies(val *[]*string)
TokenPoliciesInput() *[]*string
TokenTtl() *float64
SetTokenTtl(val *float64)
TokenTtlInput() *float64
TokenType() *string
SetTokenType(val *string)
TokenTypeInput() *string
// Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
// Experimental.
AddMoveTarget(moveTarget *string)
// Experimental.
AddOverride(path *string, value interface{})
// Experimental.
GetAnyMapAttribute(terraformAttribute *string) *map[string]interface{}
// Experimental.
GetBooleanAttribute(terraformAttribute *string) cdktf.IResolvable
// Experimental.
GetBooleanMapAttribute(terraformAttribute *string) *map[string]*bool
// Experimental.
GetListAttribute(terraformAttribute *string) *[]*string
// Experimental.
GetNumberAttribute(terraformAttribute *string) *float64
// Experimental.
GetNumberListAttribute(terraformAttribute *string) *[]*float64
// Experimental.
GetNumberMapAttribute(terraformAttribute *string) *map[string]*float64
// Experimental.
GetStringAttribute(terraformAttribute *string) *string
// Experimental.
GetStringMapAttribute(terraformAttribute *string) *map[string]*string
// Experimental.
HasResourceMove() interface{}
// Experimental.
ImportFrom(id *string, provider cdktf.TerraformProvider)
// Experimental.
InterpolationForAttribute(terraformAttribute *string) cdktf.IResolvable
// Move the resource corresponding to "id" to this resource.
//
// Note that the resource being moved from must be marked as moved using it's instance function.
// Experimental.
MoveFromId(id *string)
// Moves this resource to the target resource given by moveTarget.
// Experimental.
MoveTo(moveTarget *string, index interface{})
// Moves this resource to the resource corresponding to "id".
// Experimental.
MoveToId(id *string)
// Overrides the auto-generated logical ID with a specific ID.
// Experimental.
OverrideLogicalId(newLogicalId *string)
ResetAllowInstanceMigration()
ResetAuthType()
ResetBackend()
ResetBoundAccountIds()
ResetBoundAmiIds()
ResetBoundEc2InstanceIds()
ResetBoundIamInstanceProfileArns()
ResetBoundIamPrincipalArns()
ResetBoundIamRoleArns()
ResetBoundRegions()
ResetBoundSubnetIds()
ResetBoundVpcIds()
ResetDisallowReauthentication()
ResetId()
ResetInferredAwsRegion()
ResetInferredEntityType()
ResetNamespace()
// Resets a previously passed logical Id to use the auto-generated logical id again.
// Experimental.
ResetOverrideLogicalId()
ResetResolveAwsUniqueIds()
ResetRoleTag()
ResetTokenBoundCidrs()
ResetTokenExplicitMaxTtl()
ResetTokenMaxTtl()
ResetTokenNoDefaultPolicy()
ResetTokenNumUses()
ResetTokenPeriod()
ResetTokenPolicies()
ResetTokenTtl()
ResetTokenType()
SynthesizeAttributes() *map[string]interface{}
SynthesizeHclAttributes() *map[string]interface{}
// Experimental.
ToHclTerraform() interface{}
// Experimental.
ToMetadata() interface{}
// Returns a string representation of this construct.
ToString() *string
// Adds this resource to the terraform JSON output.
// Experimental.
ToTerraform() interface{}
}
Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role}.
func NewAwsAuthBackendRole ¶
func NewAwsAuthBackendRole(scope constructs.Construct, id *string, config *AwsAuthBackendRoleConfig) AwsAuthBackendRole
Create a new {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role} Resource.
type AwsAuthBackendRoleConfig ¶
type AwsAuthBackendRoleConfig struct {
// Experimental.
Connection interface{} `field:"optional" json:"connection" yaml:"connection"`
// Experimental.
Count interface{} `field:"optional" json:"count" yaml:"count"`
// Experimental.
DependsOn *[]cdktf.ITerraformDependable `field:"optional" json:"dependsOn" yaml:"dependsOn"`
// Experimental.
ForEach cdktf.ITerraformIterator `field:"optional" json:"forEach" yaml:"forEach"`
// Experimental.
Lifecycle *cdktf.TerraformResourceLifecycle `field:"optional" json:"lifecycle" yaml:"lifecycle"`
// Experimental.
Provider cdktf.TerraformProvider `field:"optional" json:"provider" yaml:"provider"`
// Experimental.
Provisioners *[]interface{} `field:"optional" json:"provisioners" yaml:"provisioners"`
// Name of the role.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#role AwsAuthBackendRole#role}
Role *string `field:"required" json:"role" yaml:"role"`
// When true, allows migration of the underlying instance where the client resides. Use with caution.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#allow_instance_migration AwsAuthBackendRole#allow_instance_migration}
AllowInstanceMigration interface{} `field:"optional" json:"allowInstanceMigration" yaml:"allowInstanceMigration"`
// The auth type permitted for this role.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#auth_type AwsAuthBackendRole#auth_type}
AuthType *string `field:"optional" json:"authType" yaml:"authType"`
// Unique name of the auth backend to configure.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#backend AwsAuthBackendRole#backend}
Backend *string `field:"optional" json:"backend" yaml:"backend"`
// Only EC2 instances with this account ID in their identity document will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_account_ids AwsAuthBackendRole#bound_account_ids}
BoundAccountIds *[]*string `field:"optional" json:"boundAccountIds" yaml:"boundAccountIds"`
// Only EC2 instances using this AMI ID will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_ami_ids AwsAuthBackendRole#bound_ami_ids}
BoundAmiIds *[]*string `field:"optional" json:"boundAmiIds" yaml:"boundAmiIds"`
// Only EC2 instances that match this instance ID will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_ec2_instance_ids AwsAuthBackendRole#bound_ec2_instance_ids}
BoundEc2InstanceIds *[]*string `field:"optional" json:"boundEc2InstanceIds" yaml:"boundEc2InstanceIds"`
// Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_iam_instance_profile_arns AwsAuthBackendRole#bound_iam_instance_profile_arns}
BoundIamInstanceProfileArns *[]*string `field:"optional" json:"boundIamInstanceProfileArns" yaml:"boundIamInstanceProfileArns"`
// The IAM principal that must be authenticated using the iam auth method.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_iam_principal_arns AwsAuthBackendRole#bound_iam_principal_arns}
BoundIamPrincipalArns *[]*string `field:"optional" json:"boundIamPrincipalArns" yaml:"boundIamPrincipalArns"`
// Only EC2 instances that match this IAM role ARN will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_iam_role_arns AwsAuthBackendRole#bound_iam_role_arns}
BoundIamRoleArns *[]*string `field:"optional" json:"boundIamRoleArns" yaml:"boundIamRoleArns"`
// Only EC2 instances in this region will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_regions AwsAuthBackendRole#bound_regions}
BoundRegions *[]*string `field:"optional" json:"boundRegions" yaml:"boundRegions"`
// Only EC2 instances associated with this subnet ID will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_subnet_ids AwsAuthBackendRole#bound_subnet_ids}
BoundSubnetIds *[]*string `field:"optional" json:"boundSubnetIds" yaml:"boundSubnetIds"`
// Only EC2 instances associated with this VPC ID will be permitted to log in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#bound_vpc_ids AwsAuthBackendRole#bound_vpc_ids}
BoundVpcIds *[]*string `field:"optional" json:"boundVpcIds" yaml:"boundVpcIds"`
// When true, only allows a single token to be granted per instance ID.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#disallow_reauthentication AwsAuthBackendRole#disallow_reauthentication}
DisallowReauthentication interface{} `field:"optional" json:"disallowReauthentication" yaml:"disallowReauthentication"`
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.
//
// Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2.
// If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
Id *string `field:"optional" json:"id" yaml:"id"`
// The region to search for the inferred entities in.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#inferred_aws_region AwsAuthBackendRole#inferred_aws_region}
InferredAwsRegion *string `field:"optional" json:"inferredAwsRegion" yaml:"inferredAwsRegion"`
// The type of inferencing Vault should do.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#inferred_entity_type AwsAuthBackendRole#inferred_entity_type}
InferredEntityType *string `field:"optional" json:"inferredEntityType" yaml:"inferredEntityType"`
// Target namespace. (requires Enterprise).
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#namespace AwsAuthBackendRole#namespace}
Namespace *string `field:"optional" json:"namespace" yaml:"namespace"`
// Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.
//
// When true, deleting a principal and recreating it with the same name won't automatically grant the new principal the same roles in Vault that the old principal had.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#resolve_aws_unique_ids AwsAuthBackendRole#resolve_aws_unique_ids}
ResolveAwsUniqueIds interface{} `field:"optional" json:"resolveAwsUniqueIds" yaml:"resolveAwsUniqueIds"`
// The key of the tag on EC2 instance to use for role tags.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#role_tag AwsAuthBackendRole#role_tag}
RoleTag *string `field:"optional" json:"roleTag" yaml:"roleTag"`
// Specifies the blocks of IP addresses which are allowed to use the generated token.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_bound_cidrs AwsAuthBackendRole#token_bound_cidrs}
TokenBoundCidrs *[]*string `field:"optional" json:"tokenBoundCidrs" yaml:"tokenBoundCidrs"`
// Generated Token's Explicit Maximum TTL in seconds.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_explicit_max_ttl AwsAuthBackendRole#token_explicit_max_ttl}
TokenExplicitMaxTtl *float64 `field:"optional" json:"tokenExplicitMaxTtl" yaml:"tokenExplicitMaxTtl"`
// The maximum lifetime of the generated token.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_max_ttl AwsAuthBackendRole#token_max_ttl}
TokenMaxTtl *float64 `field:"optional" json:"tokenMaxTtl" yaml:"tokenMaxTtl"`
// If true, the 'default' policy will not automatically be added to generated tokens.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_no_default_policy AwsAuthBackendRole#token_no_default_policy}
TokenNoDefaultPolicy interface{} `field:"optional" json:"tokenNoDefaultPolicy" yaml:"tokenNoDefaultPolicy"`
// The maximum number of times a token may be used, a value of zero means unlimited.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_num_uses AwsAuthBackendRole#token_num_uses}
TokenNumUses *float64 `field:"optional" json:"tokenNumUses" yaml:"tokenNumUses"`
// Generated Token's Period.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_period AwsAuthBackendRole#token_period}
TokenPeriod *float64 `field:"optional" json:"tokenPeriod" yaml:"tokenPeriod"`
// Generated Token's Policies.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_policies AwsAuthBackendRole#token_policies}
TokenPolicies *[]*string `field:"optional" json:"tokenPolicies" yaml:"tokenPolicies"`
// The initial ttl of the token to generate in seconds.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_ttl AwsAuthBackendRole#token_ttl}
TokenTtl *float64 `field:"optional" json:"tokenTtl" yaml:"tokenTtl"`
// The type of token to generate, service or batch.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_auth_backend_role#token_type AwsAuthBackendRole#token_type}
TokenType *string `field:"optional" json:"tokenType" yaml:"tokenType"`
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.