AuthBackendRoleTag

Reads role tag information from an AWS auth backend in Vault.

Example Usage

Coming soon!

Coming soon!

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const aws = new vault.AuthBackend("aws", {
    path: `%s`,
    type: "aws",
});
const role = new vault.aws.AuthBackendRole("role", {
    backend: aws.path,
    role: `%s`,
    authType: "ec2",
    boundAccountId: "123456789012",
    policies: [
        "dev",
        "prod",
        "qa",
        "test",
    ],
    roleTag: "VaultRoleTag",
});
const test = new vault.aws.AuthBackendRoleTag("test", {
    backend: aws.path,
    role: role.role,
    policies: [
        "prod",
        "dev",
        "test",
    ],
    maxTtl: "1h",
    instanceId: "i-1234567",
});

Create a AuthBackendRoleTag Resource

new AuthBackendRoleTag(name: string, args: AuthBackendRoleTagArgs, opts?: CustomResourceOptions);
@overload
def AuthBackendRoleTag(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       allow_instance_migration: Optional[bool] = None,
                       backend: Optional[str] = None,
                       disallow_reauthentication: Optional[bool] = None,
                       instance_id: Optional[str] = None,
                       max_ttl: Optional[str] = None,
                       policies: Optional[Sequence[str]] = None,
                       role: Optional[str] = None)
@overload
def AuthBackendRoleTag(resource_name: str,
                       args: AuthBackendRoleTagArgs,
                       opts: Optional[ResourceOptions] = None)
func NewAuthBackendRoleTag(ctx *Context, name string, args AuthBackendRoleTagArgs, opts ...ResourceOption) (*AuthBackendRoleTag, error)
public AuthBackendRoleTag(string name, AuthBackendRoleTagArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args AuthBackendRoleTagArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AuthBackendRoleTagArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AuthBackendRoleTagArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AuthBackendRoleTagArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

AuthBackendRoleTag Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AuthBackendRoleTag resource accepts the following input properties:

Role string
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
AllowInstanceMigration bool
If set, allows migration of the underlying instances where the client resides. Use with caution.
Backend string
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
DisallowReauthentication bool
If set, only allows a single token to be granted per instance ID.
InstanceId string
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
MaxTtl string
The maximum TTL of the tokens issued using this role.
Policies List<string>
The policies to be associated with the tag. Must be a subset of the policies associated with the role.
Role string
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
AllowInstanceMigration bool
If set, allows migration of the underlying instances where the client resides. Use with caution.
Backend string
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
DisallowReauthentication bool
If set, only allows a single token to be granted per instance ID.
InstanceId string
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
MaxTtl string
The maximum TTL of the tokens issued using this role.
Policies []string
The policies to be associated with the tag. Must be a subset of the policies associated with the role.
role string
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
allowInstanceMigration boolean
If set, allows migration of the underlying instances where the client resides. Use with caution.
backend string
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
disallowReauthentication boolean
If set, only allows a single token to be granted per instance ID.
instanceId string
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
maxTtl string
The maximum TTL of the tokens issued using this role.
policies string[]
The policies to be associated with the tag. Must be a subset of the policies associated with the role.
role str
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
allow_instance_migration bool
If set, allows migration of the underlying instances where the client resides. Use with caution.
backend str
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
disallow_reauthentication bool
If set, only allows a single token to be granted per instance ID.
instance_id str
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
max_ttl str
The maximum TTL of the tokens issued using this role.
policies Sequence[str]
The policies to be associated with the tag. Must be a subset of the policies associated with the role.

Outputs

All input properties are implicitly available as output properties. Additionally, the AuthBackendRoleTag resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
TagKey string
The key of the role tag.
TagValue string
The value to set the role key.
Id string
The provider-assigned unique ID for this managed resource.
TagKey string
The key of the role tag.
TagValue string
The value to set the role key.
id string
The provider-assigned unique ID for this managed resource.
tagKey string
The key of the role tag.
tagValue string
The value to set the role key.
id str
The provider-assigned unique ID for this managed resource.
tag_key str
The key of the role tag.
tag_value str
The value to set the role key.

Look up an Existing AuthBackendRoleTag Resource

Get an existing AuthBackendRoleTag resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AuthBackendRoleTagState, opts?: CustomResourceOptions): AuthBackendRoleTag
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allow_instance_migration: Optional[bool] = None,
        backend: Optional[str] = None,
        disallow_reauthentication: Optional[bool] = None,
        instance_id: Optional[str] = None,
        max_ttl: Optional[str] = None,
        policies: Optional[Sequence[str]] = None,
        role: Optional[str] = None,
        tag_key: Optional[str] = None,
        tag_value: Optional[str] = None) -> AuthBackendRoleTag
func GetAuthBackendRoleTag(ctx *Context, name string, id IDInput, state *AuthBackendRoleTagState, opts ...ResourceOption) (*AuthBackendRoleTag, error)
public static AuthBackendRoleTag Get(string name, Input<string> id, AuthBackendRoleTagState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowInstanceMigration bool
If set, allows migration of the underlying instances where the client resides. Use with caution.
Backend string
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
DisallowReauthentication bool
If set, only allows a single token to be granted per instance ID.
InstanceId string
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
MaxTtl string
The maximum TTL of the tokens issued using this role.
Policies List<string>
The policies to be associated with the tag. Must be a subset of the policies associated with the role.
Role string
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
TagKey string
The key of the role tag.
TagValue string
The value to set the role key.
AllowInstanceMigration bool
If set, allows migration of the underlying instances where the client resides. Use with caution.
Backend string
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
DisallowReauthentication bool
If set, only allows a single token to be granted per instance ID.
InstanceId string
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
MaxTtl string
The maximum TTL of the tokens issued using this role.
Policies []string
The policies to be associated with the tag. Must be a subset of the policies associated with the role.
Role string
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
TagKey string
The key of the role tag.
TagValue string
The value to set the role key.
allowInstanceMigration boolean
If set, allows migration of the underlying instances where the client resides. Use with caution.
backend string
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
disallowReauthentication boolean
If set, only allows a single token to be granted per instance ID.
instanceId string
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
maxTtl string
The maximum TTL of the tokens issued using this role.
policies string[]
The policies to be associated with the tag. Must be a subset of the policies associated with the role.
role string
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
tagKey string
The key of the role tag.
tagValue string
The value to set the role key.
allow_instance_migration bool
If set, allows migration of the underlying instances where the client resides. Use with caution.
backend str
The path to the AWS auth backend to read role tags from, with no leading or trailing /s. Defaults to “aws”.
disallow_reauthentication bool
If set, only allows a single token to be granted per instance ID.
instance_id str
Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
max_ttl str
The maximum TTL of the tokens issued using this role.
policies Sequence[str]
The policies to be associated with the tag. Must be a subset of the policies associated with the role.
role str
The name of the AWS auth backend role to read role tags from, with no leading or trailing /s.
tag_key str
The key of the role tag.
tag_value str
The value to set the role key.

Package Details

Repository
https://github.com/pulumi/pulumi-vault
License
Apache-2.0
Notes
This Pulumi package is based on the vault Terraform Provider.