awsauthbackendrole

package
v13.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 16, 2025 License: MPL-2.0 Imports: 7 Imported by: 0

README

vault_aws_auth_backend_role

Refer to the Terraform Registry for docs: vault_aws_auth_backend_role.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AwsAuthBackendRole_GenerateConfigForImport

func AwsAuthBackendRole_GenerateConfigForImport(scope constructs.Construct, importToId *string, importFromId *string, provider cdktf.TerraformProvider) cdktf.ImportableResource

Generates CDKTF code for importing a AwsAuthBackendRole resource upon running "cdktf plan <stack-name>".

func AwsAuthBackendRole_IsConstruct

func AwsAuthBackendRole_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func AwsAuthBackendRole_IsTerraformElement

func AwsAuthBackendRole_IsTerraformElement(x interface{}) *bool

Experimental.

func AwsAuthBackendRole_IsTerraformResource

func AwsAuthBackendRole_IsTerraformResource(x interface{}) *bool

Experimental.

func AwsAuthBackendRole_TfResourceType

func AwsAuthBackendRole_TfResourceType() *string

func NewAwsAuthBackendRole_Override

func NewAwsAuthBackendRole_Override(a AwsAuthBackendRole, scope constructs.Construct, id *string, config *AwsAuthBackendRoleConfig)

Create a new {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role} Resource.

Types

type AwsAuthBackendRole

type AwsAuthBackendRole interface {
	cdktf.TerraformResource
	AllowInstanceMigration() interface{}
	SetAllowInstanceMigration(val interface{})
	AllowInstanceMigrationInput() interface{}
	AuthType() *string
	SetAuthType(val *string)
	AuthTypeInput() *string
	Backend() *string
	SetBackend(val *string)
	BackendInput() *string
	BoundAccountIds() *[]*string
	SetBoundAccountIds(val *[]*string)
	BoundAccountIdsInput() *[]*string
	BoundAmiIds() *[]*string
	SetBoundAmiIds(val *[]*string)
	BoundAmiIdsInput() *[]*string
	BoundEc2InstanceIds() *[]*string
	SetBoundEc2InstanceIds(val *[]*string)
	BoundEc2InstanceIdsInput() *[]*string
	BoundIamInstanceProfileArns() *[]*string
	SetBoundIamInstanceProfileArns(val *[]*string)
	BoundIamInstanceProfileArnsInput() *[]*string
	BoundIamPrincipalArns() *[]*string
	SetBoundIamPrincipalArns(val *[]*string)
	BoundIamPrincipalArnsInput() *[]*string
	BoundIamRoleArns() *[]*string
	SetBoundIamRoleArns(val *[]*string)
	BoundIamRoleArnsInput() *[]*string
	BoundRegions() *[]*string
	SetBoundRegions(val *[]*string)
	BoundRegionsInput() *[]*string
	BoundSubnetIds() *[]*string
	SetBoundSubnetIds(val *[]*string)
	BoundSubnetIdsInput() *[]*string
	BoundVpcIds() *[]*string
	SetBoundVpcIds(val *[]*string)
	BoundVpcIdsInput() *[]*string
	// Experimental.
	CdktfStack() cdktf.TerraformStack
	// Experimental.
	Connection() interface{}
	// Experimental.
	SetConnection(val interface{})
	// Experimental.
	ConstructNodeMetadata() *map[string]interface{}
	// Experimental.
	Count() interface{}
	// Experimental.
	SetCount(val interface{})
	// Experimental.
	DependsOn() *[]*string
	// Experimental.
	SetDependsOn(val *[]*string)
	DisallowReauthentication() interface{}
	SetDisallowReauthentication(val interface{})
	DisallowReauthenticationInput() interface{}
	// Experimental.
	ForEach() cdktf.ITerraformIterator
	// Experimental.
	SetForEach(val cdktf.ITerraformIterator)
	// Experimental.
	Fqn() *string
	// Experimental.
	FriendlyUniqueId() *string
	Id() *string
	SetId(val *string)
	IdInput() *string
	InferredAwsRegion() *string
	SetInferredAwsRegion(val *string)
	InferredAwsRegionInput() *string
	InferredEntityType() *string
	SetInferredEntityType(val *string)
	InferredEntityTypeInput() *string
	// Experimental.
	Lifecycle() *cdktf.TerraformResourceLifecycle
	// Experimental.
	SetLifecycle(val *cdktf.TerraformResourceLifecycle)
	Namespace() *string
	SetNamespace(val *string)
	NamespaceInput() *string
	// The tree node.
	Node() constructs.Node
	// Experimental.
	Provider() cdktf.TerraformProvider
	// Experimental.
	SetProvider(val cdktf.TerraformProvider)
	// Experimental.
	Provisioners() *[]interface{}
	// Experimental.
	SetProvisioners(val *[]interface{})
	// Experimental.
	RawOverrides() interface{}
	ResolveAwsUniqueIds() interface{}
	SetResolveAwsUniqueIds(val interface{})
	ResolveAwsUniqueIdsInput() interface{}
	Role() *string
	SetRole(val *string)
	RoleId() *string
	RoleInput() *string
	RoleTag() *string
	SetRoleTag(val *string)
	RoleTagInput() *string
	// Experimental.
	TerraformGeneratorMetadata() *cdktf.TerraformProviderGeneratorMetadata
	// Experimental.
	TerraformMetaArguments() *map[string]interface{}
	// Experimental.
	TerraformResourceType() *string
	TokenBoundCidrs() *[]*string
	SetTokenBoundCidrs(val *[]*string)
	TokenBoundCidrsInput() *[]*string
	TokenExplicitMaxTtl() *float64
	SetTokenExplicitMaxTtl(val *float64)
	TokenExplicitMaxTtlInput() *float64
	TokenMaxTtl() *float64
	SetTokenMaxTtl(val *float64)
	TokenMaxTtlInput() *float64
	TokenNoDefaultPolicy() interface{}
	SetTokenNoDefaultPolicy(val interface{})
	TokenNoDefaultPolicyInput() interface{}
	TokenNumUses() *float64
	SetTokenNumUses(val *float64)
	TokenNumUsesInput() *float64
	TokenPeriod() *float64
	SetTokenPeriod(val *float64)
	TokenPeriodInput() *float64
	TokenPolicies() *[]*string
	SetTokenPolicies(val *[]*string)
	TokenPoliciesInput() *[]*string
	TokenTtl() *float64
	SetTokenTtl(val *float64)
	TokenTtlInput() *float64
	TokenType() *string
	SetTokenType(val *string)
	TokenTypeInput() *string
	// Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
	// Experimental.
	AddMoveTarget(moveTarget *string)
	// Experimental.
	AddOverride(path *string, value interface{})
	// Experimental.
	GetAnyMapAttribute(terraformAttribute *string) *map[string]interface{}
	// Experimental.
	GetBooleanAttribute(terraformAttribute *string) cdktf.IResolvable
	// Experimental.
	GetBooleanMapAttribute(terraformAttribute *string) *map[string]*bool
	// Experimental.
	GetListAttribute(terraformAttribute *string) *[]*string
	// Experimental.
	GetNumberAttribute(terraformAttribute *string) *float64
	// Experimental.
	GetNumberListAttribute(terraformAttribute *string) *[]*float64
	// Experimental.
	GetNumberMapAttribute(terraformAttribute *string) *map[string]*float64
	// Experimental.
	GetStringAttribute(terraformAttribute *string) *string
	// Experimental.
	GetStringMapAttribute(terraformAttribute *string) *map[string]*string
	// Experimental.
	HasResourceMove() interface{}
	// Experimental.
	ImportFrom(id *string, provider cdktf.TerraformProvider)
	// Experimental.
	InterpolationForAttribute(terraformAttribute *string) cdktf.IResolvable
	// Move the resource corresponding to "id" to this resource.
	//
	// Note that the resource being moved from must be marked as moved using it's instance function.
	// Experimental.
	MoveFromId(id *string)
	// Moves this resource to the target resource given by moveTarget.
	// Experimental.
	MoveTo(moveTarget *string, index interface{})
	// Moves this resource to the resource corresponding to "id".
	// Experimental.
	MoveToId(id *string)
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	ResetAllowInstanceMigration()
	ResetAuthType()
	ResetBackend()
	ResetBoundAccountIds()
	ResetBoundAmiIds()
	ResetBoundEc2InstanceIds()
	ResetBoundIamInstanceProfileArns()
	ResetBoundIamPrincipalArns()
	ResetBoundIamRoleArns()
	ResetBoundRegions()
	ResetBoundSubnetIds()
	ResetBoundVpcIds()
	ResetDisallowReauthentication()
	ResetId()
	ResetInferredAwsRegion()
	ResetInferredEntityType()
	ResetNamespace()
	// Resets a previously passed logical Id to use the auto-generated logical id again.
	// Experimental.
	ResetOverrideLogicalId()
	ResetResolveAwsUniqueIds()
	ResetRoleTag()
	ResetTokenBoundCidrs()
	ResetTokenExplicitMaxTtl()
	ResetTokenMaxTtl()
	ResetTokenNoDefaultPolicy()
	ResetTokenNumUses()
	ResetTokenPeriod()
	ResetTokenPolicies()
	ResetTokenTtl()
	ResetTokenType()
	SynthesizeAttributes() *map[string]interface{}
	SynthesizeHclAttributes() *map[string]interface{}
	// Experimental.
	ToHclTerraform() interface{}
	// Experimental.
	ToMetadata() interface{}
	// Returns a string representation of this construct.
	ToString() *string
	// Adds this resource to the terraform JSON output.
	// Experimental.
	ToTerraform() interface{}
}

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role}.

func NewAwsAuthBackendRole

func NewAwsAuthBackendRole(scope constructs.Construct, id *string, config *AwsAuthBackendRoleConfig) AwsAuthBackendRole

Create a new {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role vault_aws_auth_backend_role} Resource.

type AwsAuthBackendRoleConfig

type AwsAuthBackendRoleConfig struct {
	// Experimental.
	Connection interface{} `field:"optional" json:"connection" yaml:"connection"`
	// Experimental.
	Count interface{} `field:"optional" json:"count" yaml:"count"`
	// Experimental.
	DependsOn *[]cdktf.ITerraformDependable `field:"optional" json:"dependsOn" yaml:"dependsOn"`
	// Experimental.
	ForEach cdktf.ITerraformIterator `field:"optional" json:"forEach" yaml:"forEach"`
	// Experimental.
	Lifecycle *cdktf.TerraformResourceLifecycle `field:"optional" json:"lifecycle" yaml:"lifecycle"`
	// Experimental.
	Provider cdktf.TerraformProvider `field:"optional" json:"provider" yaml:"provider"`
	// Experimental.
	Provisioners *[]interface{} `field:"optional" json:"provisioners" yaml:"provisioners"`
	// Name of the role.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#role AwsAuthBackendRole#role}
	Role *string `field:"required" json:"role" yaml:"role"`
	// When true, allows migration of the underlying instance where the client resides. Use with caution.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#allow_instance_migration AwsAuthBackendRole#allow_instance_migration}
	AllowInstanceMigration interface{} `field:"optional" json:"allowInstanceMigration" yaml:"allowInstanceMigration"`
	// The auth type permitted for this role.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#auth_type AwsAuthBackendRole#auth_type}
	AuthType *string `field:"optional" json:"authType" yaml:"authType"`
	// Unique name of the auth backend to configure.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#backend AwsAuthBackendRole#backend}
	Backend *string `field:"optional" json:"backend" yaml:"backend"`
	// Only EC2 instances with this account ID in their identity document will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_account_ids AwsAuthBackendRole#bound_account_ids}
	BoundAccountIds *[]*string `field:"optional" json:"boundAccountIds" yaml:"boundAccountIds"`
	// Only EC2 instances using this AMI ID will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_ami_ids AwsAuthBackendRole#bound_ami_ids}
	BoundAmiIds *[]*string `field:"optional" json:"boundAmiIds" yaml:"boundAmiIds"`
	// Only EC2 instances that match this instance ID will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_ec2_instance_ids AwsAuthBackendRole#bound_ec2_instance_ids}
	BoundEc2InstanceIds *[]*string `field:"optional" json:"boundEc2InstanceIds" yaml:"boundEc2InstanceIds"`
	// Only EC2 instances associated with an IAM instance profile ARN that matches this value will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_iam_instance_profile_arns AwsAuthBackendRole#bound_iam_instance_profile_arns}
	BoundIamInstanceProfileArns *[]*string `field:"optional" json:"boundIamInstanceProfileArns" yaml:"boundIamInstanceProfileArns"`
	// The IAM principal that must be authenticated using the iam auth method.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_iam_principal_arns AwsAuthBackendRole#bound_iam_principal_arns}
	BoundIamPrincipalArns *[]*string `field:"optional" json:"boundIamPrincipalArns" yaml:"boundIamPrincipalArns"`
	// Only EC2 instances that match this IAM role ARN will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_iam_role_arns AwsAuthBackendRole#bound_iam_role_arns}
	BoundIamRoleArns *[]*string `field:"optional" json:"boundIamRoleArns" yaml:"boundIamRoleArns"`
	// Only EC2 instances in this region will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_regions AwsAuthBackendRole#bound_regions}
	BoundRegions *[]*string `field:"optional" json:"boundRegions" yaml:"boundRegions"`
	// Only EC2 instances associated with this subnet ID will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_subnet_ids AwsAuthBackendRole#bound_subnet_ids}
	BoundSubnetIds *[]*string `field:"optional" json:"boundSubnetIds" yaml:"boundSubnetIds"`
	// Only EC2 instances associated with this VPC ID will be permitted to log in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#bound_vpc_ids AwsAuthBackendRole#bound_vpc_ids}
	BoundVpcIds *[]*string `field:"optional" json:"boundVpcIds" yaml:"boundVpcIds"`
	// When true, only allows a single token to be granted per instance ID.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#disallow_reauthentication AwsAuthBackendRole#disallow_reauthentication}
	DisallowReauthentication interface{} `field:"optional" json:"disallowReauthentication" yaml:"disallowReauthentication"`
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#id AwsAuthBackendRole#id}.
	//
	// Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2.
	// If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
	Id *string `field:"optional" json:"id" yaml:"id"`
	// The region to search for the inferred entities in.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#inferred_aws_region AwsAuthBackendRole#inferred_aws_region}
	InferredAwsRegion *string `field:"optional" json:"inferredAwsRegion" yaml:"inferredAwsRegion"`
	// The type of inferencing Vault should do.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#inferred_entity_type AwsAuthBackendRole#inferred_entity_type}
	InferredEntityType *string `field:"optional" json:"inferredEntityType" yaml:"inferredEntityType"`
	// Target namespace. (requires Enterprise).
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#namespace AwsAuthBackendRole#namespace}
	Namespace *string `field:"optional" json:"namespace" yaml:"namespace"`
	// Whether or not Vault should resolve the bound_iam_principal_arn to an AWS Unique ID.
	//
	// When true, deleting a principal and recreating it with the same name won't automatically grant the new principal the same roles in Vault that the old principal had.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#resolve_aws_unique_ids AwsAuthBackendRole#resolve_aws_unique_ids}
	ResolveAwsUniqueIds interface{} `field:"optional" json:"resolveAwsUniqueIds" yaml:"resolveAwsUniqueIds"`
	// The key of the tag on EC2 instance to use for role tags.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#role_tag AwsAuthBackendRole#role_tag}
	RoleTag *string `field:"optional" json:"roleTag" yaml:"roleTag"`
	// Specifies the blocks of IP addresses which are allowed to use the generated token.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_bound_cidrs AwsAuthBackendRole#token_bound_cidrs}
	TokenBoundCidrs *[]*string `field:"optional" json:"tokenBoundCidrs" yaml:"tokenBoundCidrs"`
	// Generated Token's Explicit Maximum TTL in seconds.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_explicit_max_ttl AwsAuthBackendRole#token_explicit_max_ttl}
	TokenExplicitMaxTtl *float64 `field:"optional" json:"tokenExplicitMaxTtl" yaml:"tokenExplicitMaxTtl"`
	// The maximum lifetime of the generated token.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_max_ttl AwsAuthBackendRole#token_max_ttl}
	TokenMaxTtl *float64 `field:"optional" json:"tokenMaxTtl" yaml:"tokenMaxTtl"`
	// If true, the 'default' policy will not automatically be added to generated tokens.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_no_default_policy AwsAuthBackendRole#token_no_default_policy}
	TokenNoDefaultPolicy interface{} `field:"optional" json:"tokenNoDefaultPolicy" yaml:"tokenNoDefaultPolicy"`
	// The maximum number of times a token may be used, a value of zero means unlimited.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_num_uses AwsAuthBackendRole#token_num_uses}
	TokenNumUses *float64 `field:"optional" json:"tokenNumUses" yaml:"tokenNumUses"`
	// Generated Token's Period.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_period AwsAuthBackendRole#token_period}
	TokenPeriod *float64 `field:"optional" json:"tokenPeriod" yaml:"tokenPeriod"`
	// Generated Token's Policies.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_policies AwsAuthBackendRole#token_policies}
	TokenPolicies *[]*string `field:"optional" json:"tokenPolicies" yaml:"tokenPolicies"`
	// The initial ttl of the token to generate in seconds.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_ttl AwsAuthBackendRole#token_ttl}
	TokenTtl *float64 `field:"optional" json:"tokenTtl" yaml:"tokenTtl"`
	// The type of token to generate, service or batch.
	//
	// Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/aws_auth_backend_role#token_type AwsAuthBackendRole#token_type}
	TokenType *string `field:"optional" json:"tokenType" yaml:"tokenType"`
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL