linode.Token
Explore with Pulumi AI
Provides a Linode Token resource. This can be used to create, modify, and delete Linode API Personal Access Tokens. Personal Access Tokens proxy user credentials for Linode API access. This is necessary for tools, to interact with Linode services on a user’s behalf.
It is common for the provider itself to be configured with broadly scoped Personal Access Tokens. Provisioning scripts or tools configured within a Linode Instance should follow the principle of least privilege to afford only the required roles for tools to perform their necessary tasks. The linode.Token
resource allows for the management of Personal Access Tokens with scopes mirroring or narrowing the scope of the parent token.
For more information, see the Linode APIv4 docs.
Example Usage
The following example shows how one might use this resource to configure a token for use in another tool that needs access to Linode resources.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Linode = Pulumi.Linode;
return await Deployment.RunAsync(() =>
{
var fooToken = new Linode.Token("fooToken", new()
{
Expiry = "2100-01-02T03:04:05Z",
Label = "token",
Scopes = "linodes:read_only",
});
var fooInstance = new Linode.Instance("fooInstance");
});
package main
import (
"github.com/pulumi/pulumi-linode/sdk/v4/go/linode"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := linode.NewToken(ctx, "fooToken", &linode.TokenArgs{
Expiry: pulumi.String("2100-01-02T03:04:05Z"),
Label: pulumi.String("token"),
Scopes: pulumi.String("linodes:read_only"),
})
if err != nil {
return err
}
_, err = linode.NewInstance(ctx, "fooInstance", nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Token;
import com.pulumi.linode.TokenArgs;
import com.pulumi.linode.Instance;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var fooToken = new Token("fooToken", TokenArgs.builder()
.expiry("2100-01-02T03:04:05Z")
.label("token")
.scopes("linodes:read_only")
.build());
var fooInstance = new Instance("fooInstance");
}
}
import pulumi
import pulumi_linode as linode
foo_token = linode.Token("fooToken",
expiry="2100-01-02T03:04:05Z",
label="token",
scopes="linodes:read_only")
foo_instance = linode.Instance("fooInstance")
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";
const fooToken = new linode.Token("fooToken", {
expiry: "2100-01-02T03:04:05Z",
label: "token",
scopes: "linodes:read_only",
});
const fooInstance = new linode.Instance("fooInstance", {});
resources:
fooToken:
type: linode:Token
properties:
expiry: 2100-01-02T03:04:05Z
label: token
scopes: linodes:read_only
fooInstance:
type: linode:Instance
Create Token Resource
new Token(name: string, args: TokenArgs, opts?: CustomResourceOptions);
@overload
def Token(resource_name: str,
opts: Optional[ResourceOptions] = None,
expiry: Optional[str] = None,
label: Optional[str] = None,
scopes: Optional[str] = None)
@overload
def Token(resource_name: str,
args: TokenArgs,
opts: Optional[ResourceOptions] = None)
func NewToken(ctx *Context, name string, args TokenArgs, opts ...ResourceOption) (*Token, error)
public Token(string name, TokenArgs args, CustomResourceOptions? opts = null)
type: linode:Token
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Token Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Token resource accepts the following input properties:
- Scopes string
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Expiry string
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
A label for the Token.
- Scopes string
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Expiry string
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
A label for the Token.
- scopes String
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry String
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
A label for the Token.
- scopes string
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry string
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label string
A label for the Token.
- scopes str
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry str
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label str
A label for the Token.
- scopes String
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry String
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
A label for the Token.
Outputs
All input properties are implicitly available as output properties. Additionally, the Token resource produces the following output properties:
Look up Existing Token Resource
Get an existing Token resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TokenState, opts?: CustomResourceOptions): Token
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created: Optional[str] = None,
expiry: Optional[str] = None,
label: Optional[str] = None,
scopes: Optional[str] = None,
token: Optional[str] = None) -> Token
func GetToken(ctx *Context, name string, id IDInput, state *TokenState, opts ...ResourceOption) (*Token, error)
public static Token Get(string name, Input<string> id, TokenState? state, CustomResourceOptions? opts = null)
public static Token get(String name, Output<String> id, TokenState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Api
Token string The token used to access the API.
- Created string
The date this Token was created.
- Expiry string
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
A label for the Token.
- Scopes string
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Created string
The date this Token was created.
- Expiry string
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
A label for the Token.
- Scopes string
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Token string
The token used to access the API.
- created String
The date this Token was created.
- expiry String
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
A label for the Token.
- scopes String
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token String
The token used to access the API.
- created string
The date this Token was created.
- expiry string
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label string
A label for the Token.
- scopes string
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token string
The token used to access the API.
- created str
The date this Token was created.
- expiry str
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label str
A label for the Token.
- scopes str
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token str
The token used to access the API.
- created String
The date this Token was created.
- expiry String
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
A label for the Token.
- scopes String
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token String
The token used to access the API.
Import
Linodes Tokens can be imported using the Linode Token id
, e.g.
The secret token will not be imported.
$ pulumi import linode:index/token:Token mytoken 1234567
Package Details
- Repository
- Linode pulumi/pulumi-linode
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
linode
Terraform Provider.