Token

Provides a Linode Token resource. This can be used to create, modify, and delete Linode API Personal Access Tokens. Personal Access Tokens proxy user credentials for Linode API access. This is necessary for tools, to interact with Linode services on a user’s behalf.

It is common for the provider itself to be configured with broadly scoped Personal Access Tokens. Provisioning scripts or tools configured within a Linode Instance should follow the principle of least privilege to afford only the required roles for tools to perform their necessary tasks. The linode.Token resource allows for the management of Personal Access Tokens with scopes mirroring or narrowing the scope of the parent token.

For more information, see the Linode APIv4 docs.

Attributes

This resource exports the following attributes:

token - The token used to access the API.
created - The date this Token was created.

Example Usage

using Pulumi;
using Linode = Pulumi.Linode;

class MyStack : Stack
{
    public MyStack()
    {
        var fooToken = new Linode.Token("fooToken", new Linode.TokenArgs
        {
            Expiry = "2100-01-02T03:04:05Z",
            Label = "token",
            Scopes = "linodes:read_only",
        });
        var fooInstance = new Linode.Instance("fooInstance", new Linode.InstanceArgs
        {
        });
    }

}

package main

import (
    "github.com/pulumi/pulumi-linode/sdk/v2/go/linode"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := linode.NewToken(ctx, "fooToken", &linode.TokenArgs{
            Expiry: pulumi.String("2100-01-02T03:04:05Z"),
            Label:  pulumi.String("token"),
            Scopes: pulumi.String("linodes:read_only"),
        })
        if err != nil {
            return err
        }
        _, err = linode.NewInstance(ctx, "fooInstance", nil)
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_linode as linode

foo_token = linode.Token("fooToken",
    expiry="2100-01-02T03:04:05Z",
    label="token",
    scopes="linodes:read_only")
foo_instance = linode.Instance("fooInstance")

import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";

const fooToken = new linode.Token("foo", {
    expiry: "2100-01-02T03:04:05Z",
    label: "token",
    scopes: "linodes:read_only",
});
const fooInstance = new linode.Instance("foo", {});

Create a Token Resource

new Token(name: string, args: TokenArgs, opts?: CustomResourceOptions);

def Token(resource_name: str, opts: Optional[ResourceOptions] = None, expiry: Optional[str] = None, label: Optional[str] = None, scopes: Optional[str] = None)

func NewToken(ctx *Context, name string, args TokenArgs, opts ...ResourceOption) (*Token, error)

public Token(string name, TokenArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

Token Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Token resource accepts the following input properties:

Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
Label string: A label for the Token.

Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
Label string: A label for the Token.

scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
label string: A label for the Token.

scopes str: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
expiry str: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
label str: A label for the Token.

Outputs

All input properties are implicitly available as output properties. Additionally, the Token resource produces the following output properties:

Created string: The date and time this token was created.
Id string: The provider-assigned unique ID for this managed resource.
TokenName string: The token used to access the API.

Created string: The date and time this token was created.
Id string: The provider-assigned unique ID for this managed resource.
Token string: The token used to access the API.

created string: The date and time this token was created.
id string: The provider-assigned unique ID for this managed resource.
token string: The token used to access the API.

created str: The date and time this token was created.
id str: The provider-assigned unique ID for this managed resource.
token str: The token used to access the API.

Look up an Existing Token Resource

Get an existing Token resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: TokenState, opts?: CustomResourceOptions): Token

@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, created: Optional[str] = None, expiry: Optional[str] = None, label: Optional[str] = None, scopes: Optional[str] = None, token: Optional[str] = None) -> Token

func GetToken(ctx *Context, name string, id IDInput, state *TokenState, opts ...ResourceOption) (*Token, error)

public static Token Get(string name, Input<string> id, TokenState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Created string: The date and time this token was created.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
Label string: A label for the Token.
Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
TokenName string: The token used to access the API.

Created string: The date and time this token was created.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
Label string: A label for the Token.
Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
Token string: The token used to access the API.

created string: The date and time this token was created.
expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
label string: A label for the Token.
scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
token string: The token used to access the API.

created str: The date and time this token was created.
expiry str: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with ‘null’ as their expiry and will never expire unless revoked.
label str: A label for the Token.
scopes str: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
token str: The token used to access the API.

Import

Linodes Tokens can be imported using the Linode Token id, e.g.

The secret token will not be imported.

 $ pulumi import linode:index/token:Token mytoken 1234567

Package Details

Repository: https://github.com/pulumi/pulumi-linode
License: Apache-2.0
Notes: This Pulumi package is based on the linode Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud