README
¶
vault_aws_secret_backend_role
Refer to the Terraform Registry for docs: vault_aws_secret_backend_role.
Documentation
¶
Index ¶
- func AwsSecretBackendRole_GenerateConfigForImport(scope constructs.Construct, importToId *string, importFromId *string, ...) cdktf.ImportableResource
- func AwsSecretBackendRole_IsConstruct(x interface{}) *bool
- func AwsSecretBackendRole_IsTerraformElement(x interface{}) *bool
- func AwsSecretBackendRole_IsTerraformResource(x interface{}) *bool
- func AwsSecretBackendRole_TfResourceType() *string
- func NewAwsSecretBackendRole_Override(a AwsSecretBackendRole, scope constructs.Construct, id *string, ...)
- type AwsSecretBackendRole
- type AwsSecretBackendRoleConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AwsSecretBackendRole_GenerateConfigForImport ¶
func AwsSecretBackendRole_GenerateConfigForImport(scope constructs.Construct, importToId *string, importFromId *string, provider cdktf.TerraformProvider) cdktf.ImportableResource
Generates CDKTF code for importing a AwsSecretBackendRole resource upon running "cdktf plan <stack-name>".
func AwsSecretBackendRole_IsConstruct ¶
func AwsSecretBackendRole_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func AwsSecretBackendRole_IsTerraformElement ¶
func AwsSecretBackendRole_IsTerraformElement(x interface{}) *bool
Experimental.
func AwsSecretBackendRole_IsTerraformResource ¶
func AwsSecretBackendRole_IsTerraformResource(x interface{}) *bool
Experimental.
func AwsSecretBackendRole_TfResourceType ¶
func AwsSecretBackendRole_TfResourceType() *string
func NewAwsSecretBackendRole_Override ¶
func NewAwsSecretBackendRole_Override(a AwsSecretBackendRole, scope constructs.Construct, id *string, config *AwsSecretBackendRoleConfig)
Create a new {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role vault_aws_secret_backend_role} Resource.
Types ¶
type AwsSecretBackendRole ¶
type AwsSecretBackendRole interface {
cdktf.TerraformResource
Backend() *string
SetBackend(val *string)
BackendInput() *string
// Experimental.
CdktfStack() cdktf.TerraformStack
// Experimental.
Connection() interface{}
// Experimental.
SetConnection(val interface{})
// Experimental.
ConstructNodeMetadata() *map[string]interface{}
// Experimental.
Count() interface{}
// Experimental.
SetCount(val interface{})
CredentialType() *string
SetCredentialType(val *string)
CredentialTypeInput() *string
DefaultStsTtl() *float64
SetDefaultStsTtl(val *float64)
DefaultStsTtlInput() *float64
// Experimental.
DependsOn() *[]*string
// Experimental.
SetDependsOn(val *[]*string)
ExternalId() *string
SetExternalId(val *string)
ExternalIdInput() *string
// Experimental.
ForEach() cdktf.ITerraformIterator
// Experimental.
SetForEach(val cdktf.ITerraformIterator)
// Experimental.
Fqn() *string
// Experimental.
FriendlyUniqueId() *string
IamGroups() *[]*string
SetIamGroups(val *[]*string)
IamGroupsInput() *[]*string
IamTags() *map[string]*string
SetIamTags(val *map[string]*string)
IamTagsInput() *map[string]*string
Id() *string
SetId(val *string)
IdInput() *string
// Experimental.
Lifecycle() *cdktf.TerraformResourceLifecycle
// Experimental.
SetLifecycle(val *cdktf.TerraformResourceLifecycle)
MaxStsTtl() *float64
SetMaxStsTtl(val *float64)
MaxStsTtlInput() *float64
Name() *string
SetName(val *string)
NameInput() *string
Namespace() *string
SetNamespace(val *string)
NamespaceInput() *string
// The tree node.
Node() constructs.Node
PermissionsBoundaryArn() *string
SetPermissionsBoundaryArn(val *string)
PermissionsBoundaryArnInput() *string
PolicyArns() *[]*string
SetPolicyArns(val *[]*string)
PolicyArnsInput() *[]*string
PolicyDocument() *string
SetPolicyDocument(val *string)
PolicyDocumentInput() *string
// Experimental.
Provider() cdktf.TerraformProvider
// Experimental.
SetProvider(val cdktf.TerraformProvider)
// Experimental.
Provisioners() *[]interface{}
// Experimental.
SetProvisioners(val *[]interface{})
// Experimental.
RawOverrides() interface{}
RoleArns() *[]*string
SetRoleArns(val *[]*string)
RoleArnsInput() *[]*string
SessionTags() *map[string]*string
SetSessionTags(val *map[string]*string)
SessionTagsInput() *map[string]*string
// Experimental.
TerraformGeneratorMetadata() *cdktf.TerraformProviderGeneratorMetadata
// Experimental.
TerraformMetaArguments() *map[string]interface{}
// Experimental.
TerraformResourceType() *string
UserPath() *string
SetUserPath(val *string)
UserPathInput() *string
// Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
// Experimental.
AddMoveTarget(moveTarget *string)
// Experimental.
AddOverride(path *string, value interface{})
// Experimental.
GetAnyMapAttribute(terraformAttribute *string) *map[string]interface{}
// Experimental.
GetBooleanAttribute(terraformAttribute *string) cdktf.IResolvable
// Experimental.
GetBooleanMapAttribute(terraformAttribute *string) *map[string]*bool
// Experimental.
GetListAttribute(terraformAttribute *string) *[]*string
// Experimental.
GetNumberAttribute(terraformAttribute *string) *float64
// Experimental.
GetNumberListAttribute(terraformAttribute *string) *[]*float64
// Experimental.
GetNumberMapAttribute(terraformAttribute *string) *map[string]*float64
// Experimental.
GetStringAttribute(terraformAttribute *string) *string
// Experimental.
GetStringMapAttribute(terraformAttribute *string) *map[string]*string
// Experimental.
HasResourceMove() interface{}
// Experimental.
ImportFrom(id *string, provider cdktf.TerraformProvider)
// Experimental.
InterpolationForAttribute(terraformAttribute *string) cdktf.IResolvable
// Move the resource corresponding to "id" to this resource.
//
// Note that the resource being moved from must be marked as moved using it's instance function.
// Experimental.
MoveFromId(id *string)
// Moves this resource to the target resource given by moveTarget.
// Experimental.
MoveTo(moveTarget *string, index interface{})
// Moves this resource to the resource corresponding to "id".
// Experimental.
MoveToId(id *string)
// Overrides the auto-generated logical ID with a specific ID.
// Experimental.
OverrideLogicalId(newLogicalId *string)
ResetDefaultStsTtl()
ResetExternalId()
ResetIamGroups()
ResetIamTags()
ResetId()
ResetMaxStsTtl()
ResetNamespace()
// Resets a previously passed logical Id to use the auto-generated logical id again.
// Experimental.
ResetOverrideLogicalId()
ResetPermissionsBoundaryArn()
ResetPolicyArns()
ResetPolicyDocument()
ResetRoleArns()
ResetSessionTags()
ResetUserPath()
SynthesizeAttributes() *map[string]interface{}
SynthesizeHclAttributes() *map[string]interface{}
// Experimental.
ToHclTerraform() interface{}
// Experimental.
ToMetadata() interface{}
// Returns a string representation of this construct.
ToString() *string
// Adds this resource to the terraform JSON output.
// Experimental.
ToTerraform() interface{}
}
Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role vault_aws_secret_backend_role}.
func NewAwsSecretBackendRole ¶
func NewAwsSecretBackendRole(scope constructs.Construct, id *string, config *AwsSecretBackendRoleConfig) AwsSecretBackendRole
Create a new {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role vault_aws_secret_backend_role} Resource.
type AwsSecretBackendRoleConfig ¶
type AwsSecretBackendRoleConfig struct {
// Experimental.
Connection interface{} `field:"optional" json:"connection" yaml:"connection"`
// Experimental.
Count interface{} `field:"optional" json:"count" yaml:"count"`
// Experimental.
DependsOn *[]cdktf.ITerraformDependable `field:"optional" json:"dependsOn" yaml:"dependsOn"`
// Experimental.
ForEach cdktf.ITerraformIterator `field:"optional" json:"forEach" yaml:"forEach"`
// Experimental.
Lifecycle *cdktf.TerraformResourceLifecycle `field:"optional" json:"lifecycle" yaml:"lifecycle"`
// Experimental.
Provider cdktf.TerraformProvider `field:"optional" json:"provider" yaml:"provider"`
// Experimental.
Provisioners *[]interface{} `field:"optional" json:"provisioners" yaml:"provisioners"`
// The path of the AWS Secret Backend the role belongs to.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#backend AwsSecretBackendRole#backend}
Backend *string `field:"required" json:"backend" yaml:"backend"`
// Role credential type.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#credential_type AwsSecretBackendRole#credential_type}
CredentialType *string `field:"required" json:"credentialType" yaml:"credentialType"`
// Unique name for the role.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#name AwsSecretBackendRole#name}
Name *string `field:"required" json:"name" yaml:"name"`
// The default TTL in seconds for STS credentials.
//
// When a TTL is not specified when STS credentials are requested, and a default TTL is specified on the role, then this default TTL will be used. Valid only when credential_type is one of assumed_role or federation_token.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#default_sts_ttl AwsSecretBackendRole#default_sts_ttl}
DefaultStsTtl *float64 `field:"optional" json:"defaultStsTtl" yaml:"defaultStsTtl"`
// External ID to set for assume role creds.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#external_id AwsSecretBackendRole#external_id}
ExternalId *string `field:"optional" json:"externalId" yaml:"externalId"`
// A list of IAM group names.
//
// IAM users generated against this vault role will be added to these IAM Groups. For a credential type of assumed_role or federation_token, the policies sent to the corresponding AWS call (sts:AssumeRole or sts:GetFederation) will be the policies from each group in iam_groups combined with the policy_document and policy_arns parameters.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#iam_groups AwsSecretBackendRole#iam_groups}
IamGroups *[]*string `field:"optional" json:"iamGroups" yaml:"iamGroups"`
// A map of strings representing key/value pairs used as tags for any IAM user created by this role.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#iam_tags AwsSecretBackendRole#iam_tags}
IamTags *map[string]*string `field:"optional" json:"iamTags" yaml:"iamTags"`
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#id AwsSecretBackendRole#id}.
//
// Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2.
// If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
Id *string `field:"optional" json:"id" yaml:"id"`
// The max allowed TTL in seconds for STS credentials (credentials TTL are capped to max_sts_ttl).
//
// Valid only when credential_type is one of assumed_role or federation_token.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#max_sts_ttl AwsSecretBackendRole#max_sts_ttl}
MaxStsTtl *float64 `field:"optional" json:"maxStsTtl" yaml:"maxStsTtl"`
// Target namespace. (requires Enterprise).
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#namespace AwsSecretBackendRole#namespace}
Namespace *string `field:"optional" json:"namespace" yaml:"namespace"`
// The ARN of the AWS Permissions Boundary to attach to IAM users created in the role.
//
// Valid only when credential_type is iam_user. If not specified, then no permissions boundary policy will be attached.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#permissions_boundary_arn AwsSecretBackendRole#permissions_boundary_arn}
PermissionsBoundaryArn *string `field:"optional" json:"permissionsBoundaryArn" yaml:"permissionsBoundaryArn"`
// ARN for an existing IAM policy the role should use.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#policy_arns AwsSecretBackendRole#policy_arns}
PolicyArns *[]*string `field:"optional" json:"policyArns" yaml:"policyArns"`
// IAM policy the role should use in JSON format.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#policy_document AwsSecretBackendRole#policy_document}
PolicyDocument *string `field:"optional" json:"policyDocument" yaml:"policyDocument"`
// ARNs of AWS roles allowed to be assumed. Only valid when credential_type is 'assumed_role'.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#role_arns AwsSecretBackendRole#role_arns}
RoleArns *[]*string `field:"optional" json:"roleArns" yaml:"roleArns"`
// Session tags to be set for assume role creds created.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#session_tags AwsSecretBackendRole#session_tags}
SessionTags *map[string]*string `field:"optional" json:"sessionTags" yaml:"sessionTags"`
// The path for the user name. Valid only when credential_type is iam_user. Default is /.
//
// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/aws_secret_backend_role#user_path AwsSecretBackendRole#user_path}
UserPath *string `field:"optional" json:"userPath" yaml:"userPath"`
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.