Linode v4.39.0, May 8 25

Linode v4.39.0 published on Thursday, May 8, 2025 by Pulumi

linode.Token

Explore with Pulumi AI

Linode v4.39.0 published on Thursday, May 8, 2025 by Pulumi

It is common for the provider itself to be configured with broadly scoped Personal Access Tokens. Provisioning scripts or tools configured within a Linode Instance should follow the principle of least privilege to afford only the required roles for tools to perform their necessary tasks. The linode.Token resource allows for the management of Personal Access Tokens with scopes mirroring or narrowing the scope of the parent token.

For more information, see the Linode APIv4 docs.

Example Usage

The following example shows how one might use this resource to configure a token for use in another tool that needs access to Linode resources.

import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";

const foo = new linode.Token("foo", {
    label: "token",
    scopes: "linodes:read_only",
    expiry: "2100-01-02T03:04:05Z",
});
const fooInstance = new linode.Instance("foo", {});

import pulumi
import pulumi_linode as linode

foo = linode.Token("foo",
    label="token",
    scopes="linodes:read_only",
    expiry="2100-01-02T03:04:05Z")
foo_instance = linode.Instance("foo")

package main

import (
	"github.com/pulumi/pulumi-linode/sdk/v4/go/linode"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := linode.NewToken(ctx, "foo", &linode.TokenArgs{
			Label:  pulumi.String("token"),
			Scopes: pulumi.String("linodes:read_only"),
			Expiry: pulumi.String("2100-01-02T03:04:05Z"),
		})
		if err != nil {
			return err
		}
		_, err = linode.NewInstance(ctx, "foo", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Linode = Pulumi.Linode;

return await Deployment.RunAsync(() => 
{
    var foo = new Linode.Token("foo", new()
    {
        Label = "token",
        Scopes = "linodes:read_only",
        Expiry = "2100-01-02T03:04:05Z",
    });

    var fooInstance = new Linode.Instance("foo");

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Token;
import com.pulumi.linode.TokenArgs;
import com.pulumi.linode.Instance;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var foo = new Token("foo", TokenArgs.builder()
            .label("token")
            .scopes("linodes:read_only")
            .expiry("2100-01-02T03:04:05Z")
            .build());

        var fooInstance = new Instance("fooInstance");

    }
}

resources:
  foo:
    type: linode:Token
    properties:
      label: token
      scopes: linodes:read_only
      expiry: 2100-01-02T03:04:05Z
  fooInstance:
    type: linode:Instance
    name: foo

Create Token Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Token(name: string, args: TokenArgs, opts?: CustomResourceOptions);

@overload
def Token(resource_name: str,
          args: TokenArgs,
          opts: Optional[ResourceOptions] = None)

@overload
def Token(resource_name: str,
          opts: Optional[ResourceOptions] = None,
          scopes: Optional[str] = None,
          expiry: Optional[str] = None,
          label: Optional[str] = None)

func NewToken(ctx *Context, name string, args TokenArgs, opts ...ResourceOption) (*Token, error)

public Token(string name, TokenArgs args, CustomResourceOptions? opts = null)

public Token(String name, TokenArgs args)
public Token(String name, TokenArgs args, CustomResourceOptions options)

type: linode:Token
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args TokenArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var tokenResource = new Linode.Token("tokenResource", new()
{
    Scopes = "string",
    Expiry = "string",
    Label = "string",
});

example, err := linode.NewToken(ctx, "tokenResource", &linode.TokenArgs{
	Scopes: pulumi.String("string"),
	Expiry: pulumi.String("string"),
	Label:  pulumi.String("string"),
})

var tokenResource = new Token("tokenResource", TokenArgs.builder()
    .scopes("string")
    .expiry("string")
    .label("string")
    .build());

token_resource = linode.Token("tokenResource",
    scopes="string",
    expiry="string",
    label="string")

const tokenResource = new linode.Token("tokenResource", {
    scopes: "string",
    expiry: "string",
    label: "string",
});

type: linode:Token
properties:
    expiry: string
    label: string
    scopes: string

Token Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Token resource accepts the following input properties:

Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
Label string: A label for the Token.

Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
Label string: A label for the Token.

scopes String: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
expiry String: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label String: A label for the Token.

scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label string: A label for the Token.

scopes str: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
expiry str: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label str: A label for the Token.

scopes String: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
expiry String: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label String: A label for the Token.

Outputs

All input properties are implicitly available as output properties. Additionally, the Token resource produces the following output properties:

ApiToken string: The token used to access the API.
Created string: The date this Token was created.
Id string: The provider-assigned unique ID for this managed resource.

Created string: The date this Token was created.
Id string: The provider-assigned unique ID for this managed resource.
Token string: The token used to access the API.

created String: The date this Token was created.
id String: The provider-assigned unique ID for this managed resource.
token String: The token used to access the API.

created string: The date this Token was created.
id string: The provider-assigned unique ID for this managed resource.
token string: The token used to access the API.

created str: The date this Token was created.
id str: The provider-assigned unique ID for this managed resource.
token str: The token used to access the API.

created String: The date this Token was created.
id String: The provider-assigned unique ID for this managed resource.
token String: The token used to access the API.

Look up Existing Token Resource

Get an existing Token resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: TokenState, opts?: CustomResourceOptions): Token

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        created: Optional[str] = None,
        expiry: Optional[str] = None,
        label: Optional[str] = None,
        scopes: Optional[str] = None,
        token: Optional[str] = None) -> Token

func GetToken(ctx *Context, name string, id IDInput, state *TokenState, opts ...ResourceOption) (*Token, error)

public static Token Get(string name, Input<string> id, TokenState? state, CustomResourceOptions? opts = null)

public static Token get(String name, Output<String> id, TokenState state, CustomResourceOptions options)

resources:  _:    type: linode:Token    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ApiToken string: The token used to access the API.
Created string: The date this Token was created.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
Label string: A label for the Token.
Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.

Created string: The date this Token was created.
Expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
Label string: A label for the Token.
Scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
Token string: The token used to access the API.

created String: The date this Token was created.
expiry String: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label String: A label for the Token.
scopes String: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
token String: The token used to access the API.

created string: The date this Token was created.
expiry string: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label string: A label for the Token.
scopes string: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
token string: The token used to access the API.

created str: The date this Token was created.
expiry str: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label str: A label for the Token.
scopes str: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
token str: The token used to access the API.

created String: The date this Token was created.
expiry String: When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
label String: A label for the Token.
scopes String: The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
token String: The token used to access the API.

Import

Linodes Tokens can be imported using the Linode Token id, e.g. The secret token will not be imported.

$ pulumi import linode:index/token:Token mytoken 1234567

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Linode pulumi/pulumi-linode
License: Apache-2.0
Notes: This Pulumi package is based on the linode Terraform Provider.

Linode v4.39.0 published on Thursday, May 8, 2025 by Pulumi

pulumi/pulumi-linode

linode.Token

On this page

On this page

Example Usage

Create Token Resource

Constructor syntax

Parameters

Constructor example

Token Resource Properties

Inputs

Outputs

Look up Existing Token Resource

Import

Package Details

On this page

On this page