Get started with Pulumi in a free one hour introductory workshop. Register Now

Token

Provides a Linode Token resource. This can be used to create, modify, and delete Linode API Personal Access Tokens. Personal Access Tokens proxy user credentials for Linode API access. This is necessary for tools, to interact with Linode services on a user’s behalf.

It is common for the provider itself to be configured with broadly scoped Personal Access Tokens. Provisioning scripts or tools configured within a Linode Instance should follow the principle of least privilege to afford only the required roles for tools to perform their necessary tasks. The linode.Token resource allows for the management of Personal Access Tokens with scopes mirroring or narrowing the scope of the parent token.

For more information, see the Linode APIv4 docs.

Attributes

This resource exports the following attributes:

  • token - The token used to access the API.

  • created - The date this Token was created.

Example Usage

using Pulumi;
using Linode = Pulumi.Linode;

class MyStack : Stack
{
    public MyStack()
    {
        var fooToken = new Linode.Token("fooToken", new Linode.TokenArgs
        {
            Expiry = "2100-01-02T03:04:05Z",
            Label = "token",
            Scopes = "linodes:read_only",
        });
        var fooInstance = new Linode.Instance("fooInstance", new Linode.InstanceArgs
        {
        });
    }

}
package main

import (
    "github.com/pulumi/pulumi-linode/sdk/v2/go/linode"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := linode.NewToken(ctx, "fooToken", &linode.TokenArgs{
            Expiry: pulumi.String("2100-01-02T03:04:05Z"),
            Label:  pulumi.String("token"),
            Scopes: pulumi.String("linodes:read_only"),
        })
        if err != nil {
            return err
        }
        _, err = linode.NewInstance(ctx, "fooInstance", nil)
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_linode as linode

foo_token = linode.Token("fooToken",
    expiry="2100-01-02T03:04:05Z",
    label="token",
    scopes="linodes:read_only")
foo_instance = linode.Instance("fooInstance")
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";

const fooToken = new linode.Token("foo", {
    expiry: "2100-01-02T03:04:05Z",
    label: "token",
    scopes: "linodes:read_only",
});
const fooInstance = new linode.Instance("foo", {});

Create a Token Resource

new Token(name: string, args: TokenArgs, opts?: CustomResourceOptions);
def Token(resource_name: str, opts: Optional[ResourceOptions] = None, expiry: Optional[str] = None, label: Optional[str] = None, scopes: Optional[str] = None)
func NewToken(ctx *Context, name string, args TokenArgs, opts ...ResourceOption) (*Token, error)
public Token(string name, TokenArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args TokenArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args TokenArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args TokenArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

Token Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Token resource accepts the following input properties:

Scopes string

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

Expiry string

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

Label string

A label for the Token.

Scopes string

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

Expiry string

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

Label string

A label for the Token.

scopes string

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

expiry string

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

label string

A label for the Token.

scopes str

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

expiry str

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

label str

A label for the Token.

Outputs

All input properties are implicitly available as output properties. Additionally, the Token resource produces the following output properties:

Created string

The date and time this token was created.

Id string
The provider-assigned unique ID for this managed resource.
TokenName string

The token used to access the API.

Created string

The date and time this token was created.

Id string
The provider-assigned unique ID for this managed resource.
Token string

The token used to access the API.

created string

The date and time this token was created.

id string
The provider-assigned unique ID for this managed resource.
token string

The token used to access the API.

created str

The date and time this token was created.

id str
The provider-assigned unique ID for this managed resource.
token str

The token used to access the API.

Look up an Existing Token Resource

Get an existing Token resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: TokenState, opts?: CustomResourceOptions): Token
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, created: Optional[str] = None, expiry: Optional[str] = None, label: Optional[str] = None, scopes: Optional[str] = None, token: Optional[str] = None) -> Token
func GetToken(ctx *Context, name string, id IDInput, state *TokenState, opts ...ResourceOption) (*Token, error)
public static Token Get(string name, Input<string> id, TokenState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Created string

The date and time this token was created.

Expiry string

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

Label string

A label for the Token.

Scopes string

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

TokenName string

The token used to access the API.

Created string

The date and time this token was created.

Expiry string

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

Label string

A label for the Token.

Scopes string

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

Token string

The token used to access the API.

created string

The date and time this token was created.

expiry string

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

label string

A label for the Token.

scopes string

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

token string

The token used to access the API.

created str

The date and time this token was created.

expiry str

When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.

label str

A label for the Token.

scopes str

The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.

token str

The token used to access the API.

Import

Linodes Tokens can be imported using the Linode Token id, e.g.

The secret token will not be imported.

 $ pulumi import linode:index/token:Token mytoken 1234567

Package Details

Repository
https://github.com/pulumi/pulumi-linode
License
Apache-2.0
Notes
This Pulumi package is based on the linode Terraform Provider.