com.pulumi.vault.aws.kotlin.AuthBackendRoleArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.aws.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.vault.aws.AuthBackendRoleArgs.builder
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Manages an AWS auth backend role in a Vault server. Roles constrain the
* instances or principals that can perform the login operation against the
* backend. See the [Vault
* documentation](https://www.vaultproject.io/docs/auth/aws.html) for more
* information.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const aws = new vault.AuthBackend("aws", {type: "aws"});
* const example = new vault.aws.AuthBackendRole("example", {
* backend: aws.path,
* role: "test-role",
* authType: "iam",
* boundAmiIds: ["ami-8c1be5f6"],
* boundAccountIds: ["123456789012"],
* boundVpcIds: ["vpc-b61106d4"],
* boundSubnetIds: ["vpc-133128f1"],
* boundIamRoleArns: ["arn:aws:iam::123456789012:role/MyRole"],
* boundIamInstanceProfileArns: ["arn:aws:iam::123456789012:instance-profile/MyProfile"],
* inferredEntityType: "ec2_instance",
* inferredAwsRegion: "us-east-1",
* tokenTtl: 60,
* tokenMaxTtl: 120,
* tokenPolicies: [
* "default",
* "dev",
* "prod",
* ],
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* aws = vault.AuthBackend("aws", type="aws")
* example = vault.aws.AuthBackendRole("example",
* backend=aws.path,
* role="test-role",
* auth_type="iam",
* bound_ami_ids=["ami-8c1be5f6"],
* bound_account_ids=["123456789012"],
* bound_vpc_ids=["vpc-b61106d4"],
* bound_subnet_ids=["vpc-133128f1"],
* bound_iam_role_arns=["arn:aws:iam::123456789012:role/MyRole"],
* bound_iam_instance_profile_arns=["arn:aws:iam::123456789012:instance-profile/MyProfile"],
* inferred_entity_type="ec2_instance",
* inferred_aws_region="us-east-1",
* token_ttl=60,
* token_max_ttl=120,
* token_policies=[
* "default",
* "dev",
* "prod",
* ])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var aws = new Vault.AuthBackend("aws", new()
* {
* Type = "aws",
* });
* var example = new Vault.Aws.AuthBackendRole("example", new()
* {
* Backend = aws.Path,
* Role = "test-role",
* AuthType = "iam",
* BoundAmiIds = new[]
* {
* "ami-8c1be5f6",
* },
* BoundAccountIds = new[]
* {
* "123456789012",
* },
* BoundVpcIds = new[]
* {
* "vpc-b61106d4",
* },
* BoundSubnetIds = new[]
* {
* "vpc-133128f1",
* },
* BoundIamRoleArns = new[]
* {
* "arn:aws:iam::123456789012:role/MyRole",
* },
* BoundIamInstanceProfileArns = new[]
* {
* "arn:aws:iam::123456789012:instance-profile/MyProfile",
* },
* InferredEntityType = "ec2_instance",
* InferredAwsRegion = "us-east-1",
* TokenTtl = 60,
* TokenMaxTtl = 120,
* TokenPolicies = new[]
* {
* "default",
* "dev",
* "prod",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/aws"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* aws, err := vault.NewAuthBackend(ctx, "aws", &vault.AuthBackendArgs{
* Type: pulumi.String("aws"),
* })
* if err != nil {
* return err
* }
* _, err = aws.NewAuthBackendRole(ctx, "example", &aws.AuthBackendRoleArgs{
* Backend: aws.Path,
* Role: pulumi.String("test-role"),
* AuthType: pulumi.String("iam"),
* BoundAmiIds: pulumi.StringArray{
* pulumi.String("ami-8c1be5f6"),
* },
* BoundAccountIds: pulumi.StringArray{
* pulumi.String("123456789012"),
* },
* BoundVpcIds: pulumi.StringArray{
* pulumi.String("vpc-b61106d4"),
* },
* BoundSubnetIds: pulumi.StringArray{
* pulumi.String("vpc-133128f1"),
* },
* BoundIamRoleArns: pulumi.StringArray{
* pulumi.String("arn:aws:iam::123456789012:role/MyRole"),
* },
* BoundIamInstanceProfileArns: pulumi.StringArray{
* pulumi.String("arn:aws:iam::123456789012:instance-profile/MyProfile"),
* },
* InferredEntityType: pulumi.String("ec2_instance"),
* InferredAwsRegion: pulumi.String("us-east-1"),
* TokenTtl: pulumi.Int(60),
* TokenMaxTtl: pulumi.Int(120),
* TokenPolicies: pulumi.StringArray{
* pulumi.String("default"),
* pulumi.String("dev"),
* pulumi.String("prod"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.AuthBackend;
* import com.pulumi.vault.AuthBackendArgs;
* import com.pulumi.vault.aws.AuthBackendRole;
* import com.pulumi.vault.aws.AuthBackendRoleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var aws = new AuthBackend("aws", AuthBackendArgs.builder()
* .type("aws")
* .build());
* var example = new AuthBackendRole("example", AuthBackendRoleArgs.builder()
* .backend(aws.path())
* .role("test-role")
* .authType("iam")
* .boundAmiIds("ami-8c1be5f6")
* .boundAccountIds("123456789012")
* .boundVpcIds("vpc-b61106d4")
* .boundSubnetIds("vpc-133128f1")
* .boundIamRoleArns("arn:aws:iam::123456789012:role/MyRole")
* .boundIamInstanceProfileArns("arn:aws:iam::123456789012:instance-profile/MyProfile")
* .inferredEntityType("ec2_instance")
* .inferredAwsRegion("us-east-1")
* .tokenTtl(60)
* .tokenMaxTtl(120)
* .tokenPolicies(
* "default",
* "dev",
* "prod")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* aws:
* type: vault:AuthBackend
* properties:
* type: aws
* example:
* type: vault:aws:AuthBackendRole
* properties:
* backend: ${aws.path}
* role: test-role
* authType: iam
* boundAmiIds:
* - ami-8c1be5f6
* boundAccountIds:
* - '123456789012'
* boundVpcIds:
* - vpc-b61106d4
* boundSubnetIds:
* - vpc-133128f1
* boundIamRoleArns:
* - arn:aws:iam::123456789012:role/MyRole
* boundIamInstanceProfileArns:
* - arn:aws:iam::123456789012:instance-profile/MyProfile
* inferredEntityType: ec2_instance
* inferredAwsRegion: us-east-1
* tokenTtl: 60
* tokenMaxTtl: 120
* tokenPolicies:
* - default
* - dev
* - prod
* ```
*
* ## Import
* AWS auth backend roles can be imported using `auth/`, the `backend` path, `/role/`, and the `role` name e.g.
* ```sh
* $ pulumi import vault:aws/authBackendRole:AuthBackendRole example auth/aws/role/test-role
* ```
* @property allowInstanceMigration If set to `true`, allows migration of
* the underlying instance where the client resides.
* @property authType The auth type permitted for this role. Valid choices
* are `ec2` and `iam`. Defaults to `iam`.
* @property backend Path to the mounted aws auth backend.
* @property boundAccountIds If set, defines a constraint on the EC2
* instances that can perform the login operation that they should be using the
* account ID specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
* @property boundAmiIds If set, defines a constraint on the EC2 instances
* that can perform the login operation that they should be using the AMI ID
* specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
* @property boundEc2InstanceIds Only EC2 instances that match this instance ID will be permitted to log in.
* @property boundIamInstanceProfileArns If set, defines a constraint on
* the EC2 instances that can perform the login operation that they must be
* associated with an IAM instance profile ARN which has a prefix that matches
* the value specified by this field. The value is prefix-matched as though it
* were a glob ending in `*`. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
* @property boundIamPrincipalArns If set, defines the IAM principal that
* must be authenticated when `auth_type` is set to `iam`. Wildcards are
* supported at the end of the ARN.
* @property boundIamRoleArns If set, defines a constraint on the EC2
* instances that can perform the login operation that they must match the IAM
* role ARN specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
* @property boundRegions If set, defines a constraint on the EC2 instances
* that can perform the login operation that the region in their identity
* document must match the one specified by this field. `auth_type` must be set
* to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
* @property boundSubnetIds If set, defines a constraint on the EC2
* instances that can perform the login operation that they be associated with
* the subnet ID that matches the value specified by this field. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
* @property boundVpcIds If set, defines a constraint on the EC2 instances
* that can perform the login operation that they be associated with the VPC ID
* that matches the value specified by this field. `auth_type` must be set to
* `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
* @property disallowReauthentication IF set to `true`, only allows a
* single token to be granted per instance ID. This can only be set when
* `auth_type` is set to `ec2`.
* @property inferredAwsRegion When `inferred_entity_type` is set, this
* is the region to search for the inferred entities. Required if
* `inferred_entity_type` is set. This only applies when `auth_type` is set to
* `iam`.
* @property inferredEntityType If set, instructs Vault to turn on
* inferencing. The only valid value is `ec2_instance`, which instructs Vault to
* infer that the role comes from an EC2 instance in an IAM instance profile.
* This only applies when `auth_type` is set to `iam`.
* @property namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
* @property resolveAwsUniqueIds Only valid when
* `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
* resolved to [AWS Unique
* IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids)
* for the bound principal ARN. This field is ignored when a
* `bound_iam_principal_arn` ends in a wildcard. Resolving to unique IDs more
* closely mimics the behavior of AWS services in that if an IAM user or role is
* deleted and a new one is recreated with the same name, those new users or
* roles won't get access to roles in Vault that were permissioned to the prior
* principals of the same name. Defaults to `true`.
* Once set to `true`, this cannot be changed to `false` without recreating the role.
* @property role The name of the role.
* @property roleTag If set, enable role tags for this role. The value set
* for this field should be the key of the tag on the EC2 instance. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
* @property tokenBoundCidrs Specifies the blocks of IP addresses which are allowed to use the generated token
* @property tokenExplicitMaxTtl Generated Token's Explicit Maximum TTL in seconds
* @property tokenMaxTtl The maximum lifetime of the generated token
* @property tokenNoDefaultPolicy If true, the 'default' policy will not automatically be added to generated tokens
* @property tokenNumUses The maximum number of times a token may be used, a value of zero means unlimited
* @property tokenPeriod Generated Token's Period
* @property tokenPolicies Generated Token's Policies
* @property tokenTtl The initial ttl of the token to generate in seconds
* @property tokenType The type of token to generate, service or batch
*/
public data class AuthBackendRoleArgs(
public val allowInstanceMigration: Output? = null,
public val authType: Output? = null,
public val backend: Output? = null,
public val boundAccountIds: Output>? = null,
public val boundAmiIds: Output>? = null,
public val boundEc2InstanceIds: Output>? = null,
public val boundIamInstanceProfileArns: Output>? = null,
public val boundIamPrincipalArns: Output>? = null,
public val boundIamRoleArns: Output>? = null,
public val boundRegions: Output>? = null,
public val boundSubnetIds: Output>? = null,
public val boundVpcIds: Output>? = null,
public val disallowReauthentication: Output? = null,
public val inferredAwsRegion: Output? = null,
public val inferredEntityType: Output? = null,
public val namespace: Output? = null,
public val resolveAwsUniqueIds: Output? = null,
public val role: Output? = null,
public val roleTag: Output? = null,
public val tokenBoundCidrs: Output>? = null,
public val tokenExplicitMaxTtl: Output? = null,
public val tokenMaxTtl: Output? = null,
public val tokenNoDefaultPolicy: Output? = null,
public val tokenNumUses: Output? = null,
public val tokenPeriod: Output? = null,
public val tokenPolicies: Output>? = null,
public val tokenTtl: Output? = null,
public val tokenType: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.vault.aws.AuthBackendRoleArgs =
com.pulumi.vault.aws.AuthBackendRoleArgs.builder()
.allowInstanceMigration(allowInstanceMigration?.applyValue({ args0 -> args0 }))
.authType(authType?.applyValue({ args0 -> args0 }))
.backend(backend?.applyValue({ args0 -> args0 }))
.boundAccountIds(boundAccountIds?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.boundAmiIds(boundAmiIds?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.boundEc2InstanceIds(boundEc2InstanceIds?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.boundIamInstanceProfileArns(
boundIamInstanceProfileArns?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
)
.boundIamPrincipalArns(boundIamPrincipalArns?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.boundIamRoleArns(boundIamRoleArns?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.boundRegions(boundRegions?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.boundSubnetIds(boundSubnetIds?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.boundVpcIds(boundVpcIds?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.disallowReauthentication(disallowReauthentication?.applyValue({ args0 -> args0 }))
.inferredAwsRegion(inferredAwsRegion?.applyValue({ args0 -> args0 }))
.inferredEntityType(inferredEntityType?.applyValue({ args0 -> args0 }))
.namespace(namespace?.applyValue({ args0 -> args0 }))
.resolveAwsUniqueIds(resolveAwsUniqueIds?.applyValue({ args0 -> args0 }))
.role(role?.applyValue({ args0 -> args0 }))
.roleTag(roleTag?.applyValue({ args0 -> args0 }))
.tokenBoundCidrs(tokenBoundCidrs?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.tokenExplicitMaxTtl(tokenExplicitMaxTtl?.applyValue({ args0 -> args0 }))
.tokenMaxTtl(tokenMaxTtl?.applyValue({ args0 -> args0 }))
.tokenNoDefaultPolicy(tokenNoDefaultPolicy?.applyValue({ args0 -> args0 }))
.tokenNumUses(tokenNumUses?.applyValue({ args0 -> args0 }))
.tokenPeriod(tokenPeriod?.applyValue({ args0 -> args0 }))
.tokenPolicies(tokenPolicies?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.tokenTtl(tokenTtl?.applyValue({ args0 -> args0 }))
.tokenType(tokenType?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [AuthBackendRoleArgs].
*/
@PulumiTagMarker
public class AuthBackendRoleArgsBuilder internal constructor() {
private var allowInstanceMigration: Output? = null
private var authType: Output? = null
private var backend: Output? = null
private var boundAccountIds: Output>? = null
private var boundAmiIds: Output>? = null
private var boundEc2InstanceIds: Output>? = null
private var boundIamInstanceProfileArns: Output>? = null
private var boundIamPrincipalArns: Output>? = null
private var boundIamRoleArns: Output>? = null
private var boundRegions: Output>? = null
private var boundSubnetIds: Output>? = null
private var boundVpcIds: Output>? = null
private var disallowReauthentication: Output? = null
private var inferredAwsRegion: Output? = null
private var inferredEntityType: Output? = null
private var namespace: Output? = null
private var resolveAwsUniqueIds: Output? = null
private var role: Output? = null
private var roleTag: Output? = null
private var tokenBoundCidrs: Output>? = null
private var tokenExplicitMaxTtl: Output? = null
private var tokenMaxTtl: Output? = null
private var tokenNoDefaultPolicy: Output? = null
private var tokenNumUses: Output? = null
private var tokenPeriod: Output? = null
private var tokenPolicies: Output>? = null
private var tokenTtl: Output? = null
private var tokenType: Output? = null
/**
* @param value If set to `true`, allows migration of
* the underlying instance where the client resides.
*/
@JvmName("pdieigdhyahvtrtj")
public suspend fun allowInstanceMigration(`value`: Output) {
this.allowInstanceMigration = value
}
/**
* @param value The auth type permitted for this role. Valid choices
* are `ec2` and `iam`. Defaults to `iam`.
*/
@JvmName("ssyywuiekpmvmfwf")
public suspend fun authType(`value`: Output) {
this.authType = value
}
/**
* @param value Path to the mounted aws auth backend.
*/
@JvmName("gnbcslsexftmyaxq")
public suspend fun backend(`value`: Output) {
this.backend = value
}
/**
* @param value If set, defines a constraint on the EC2
* instances that can perform the login operation that they should be using the
* account ID specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("miepbyjarmgmcaxv")
public suspend fun boundAccountIds(`value`: Output>) {
this.boundAccountIds = value
}
@JvmName("pjasrjcyaqptapyu")
public suspend fun boundAccountIds(vararg values: Output) {
this.boundAccountIds = Output.all(values.asList())
}
/**
* @param values If set, defines a constraint on the EC2
* instances that can perform the login operation that they should be using the
* account ID specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("wyhjpnkjsgvxuxmv")
public suspend fun boundAccountIds(values: List>) {
this.boundAccountIds = Output.all(values)
}
/**
* @param value If set, defines a constraint on the EC2 instances
* that can perform the login operation that they should be using the AMI ID
* specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("rpmmxnuurldvqdaq")
public suspend fun boundAmiIds(`value`: Output>) {
this.boundAmiIds = value
}
@JvmName("jkcpdptasxumyfof")
public suspend fun boundAmiIds(vararg values: Output) {
this.boundAmiIds = Output.all(values.asList())
}
/**
* @param values If set, defines a constraint on the EC2 instances
* that can perform the login operation that they should be using the AMI ID
* specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("kjlfsrytjxvmrikr")
public suspend fun boundAmiIds(values: List>) {
this.boundAmiIds = Output.all(values)
}
/**
* @param value Only EC2 instances that match this instance ID will be permitted to log in.
*/
@JvmName("bxsrbopnqghifwax")
public suspend fun boundEc2InstanceIds(`value`: Output>) {
this.boundEc2InstanceIds = value
}
@JvmName("fhaoxkswnnmxxgke")
public suspend fun boundEc2InstanceIds(vararg values: Output) {
this.boundEc2InstanceIds = Output.all(values.asList())
}
/**
* @param values Only EC2 instances that match this instance ID will be permitted to log in.
*/
@JvmName("spyrvqkvdowwjsxq")
public suspend fun boundEc2InstanceIds(values: List>) {
this.boundEc2InstanceIds = Output.all(values)
}
/**
* @param value If set, defines a constraint on
* the EC2 instances that can perform the login operation that they must be
* associated with an IAM instance profile ARN which has a prefix that matches
* the value specified by this field. The value is prefix-matched as though it
* were a glob ending in `*`. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("ryfqyugvlpesjhsm")
public suspend fun boundIamInstanceProfileArns(`value`: Output>) {
this.boundIamInstanceProfileArns = value
}
@JvmName("iwmknirwdvhvxyql")
public suspend fun boundIamInstanceProfileArns(vararg values: Output) {
this.boundIamInstanceProfileArns = Output.all(values.asList())
}
/**
* @param values If set, defines a constraint on
* the EC2 instances that can perform the login operation that they must be
* associated with an IAM instance profile ARN which has a prefix that matches
* the value specified by this field. The value is prefix-matched as though it
* were a glob ending in `*`. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("utgnclytilbwxdet")
public suspend fun boundIamInstanceProfileArns(values: List>) {
this.boundIamInstanceProfileArns = Output.all(values)
}
/**
* @param value If set, defines the IAM principal that
* must be authenticated when `auth_type` is set to `iam`. Wildcards are
* supported at the end of the ARN.
*/
@JvmName("tghmuvbupbseopkq")
public suspend fun boundIamPrincipalArns(`value`: Output>) {
this.boundIamPrincipalArns = value
}
@JvmName("dubfjajpvgpmqioe")
public suspend fun boundIamPrincipalArns(vararg values: Output) {
this.boundIamPrincipalArns = Output.all(values.asList())
}
/**
* @param values If set, defines the IAM principal that
* must be authenticated when `auth_type` is set to `iam`. Wildcards are
* supported at the end of the ARN.
*/
@JvmName("rycrcvctqhwwqsfl")
public suspend fun boundIamPrincipalArns(values: List>) {
this.boundIamPrincipalArns = Output.all(values)
}
/**
* @param value If set, defines a constraint on the EC2
* instances that can perform the login operation that they must match the IAM
* role ARN specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("yaewbrldhkgeadkb")
public suspend fun boundIamRoleArns(`value`: Output>) {
this.boundIamRoleArns = value
}
@JvmName("ybgurcvpwvbtkskt")
public suspend fun boundIamRoleArns(vararg values: Output) {
this.boundIamRoleArns = Output.all(values.asList())
}
/**
* @param values If set, defines a constraint on the EC2
* instances that can perform the login operation that they must match the IAM
* role ARN specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("vdwkkjdabasfnhtj")
public suspend fun boundIamRoleArns(values: List>) {
this.boundIamRoleArns = Output.all(values)
}
/**
* @param value If set, defines a constraint on the EC2 instances
* that can perform the login operation that the region in their identity
* document must match the one specified by this field. `auth_type` must be set
* to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("rvbuhmxkqxmvesgt")
public suspend fun boundRegions(`value`: Output>) {
this.boundRegions = value
}
@JvmName("koqbstkftrwplbpy")
public suspend fun boundRegions(vararg values: Output) {
this.boundRegions = Output.all(values.asList())
}
/**
* @param values If set, defines a constraint on the EC2 instances
* that can perform the login operation that the region in their identity
* document must match the one specified by this field. `auth_type` must be set
* to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("bcafgsaaffenyeav")
public suspend fun boundRegions(values: List>) {
this.boundRegions = Output.all(values)
}
/**
* @param value If set, defines a constraint on the EC2
* instances that can perform the login operation that they be associated with
* the subnet ID that matches the value specified by this field. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
*/
@JvmName("inrkftimmbadhhsg")
public suspend fun boundSubnetIds(`value`: Output>) {
this.boundSubnetIds = value
}
@JvmName("gasuvwsuoteywlht")
public suspend fun boundSubnetIds(vararg values: Output) {
this.boundSubnetIds = Output.all(values.asList())
}
/**
* @param values If set, defines a constraint on the EC2
* instances that can perform the login operation that they be associated with
* the subnet ID that matches the value specified by this field. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
*/
@JvmName("kbtlngormoaavdxj")
public suspend fun boundSubnetIds(values: List>) {
this.boundSubnetIds = Output.all(values)
}
/**
* @param value If set, defines a constraint on the EC2 instances
* that can perform the login operation that they be associated with the VPC ID
* that matches the value specified by this field. `auth_type` must be set to
* `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("dntoawffdmpiqyso")
public suspend fun boundVpcIds(`value`: Output>) {
this.boundVpcIds = value
}
@JvmName("mjqpwxvotgbtvrkw")
public suspend fun boundVpcIds(vararg values: Output) {
this.boundVpcIds = Output.all(values.asList())
}
/**
* @param values If set, defines a constraint on the EC2 instances
* that can perform the login operation that they be associated with the VPC ID
* that matches the value specified by this field. `auth_type` must be set to
* `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("grjunpbokcdecixi")
public suspend fun boundVpcIds(values: List>) {
this.boundVpcIds = Output.all(values)
}
/**
* @param value IF set to `true`, only allows a
* single token to be granted per instance ID. This can only be set when
* `auth_type` is set to `ec2`.
*/
@JvmName("ubfrficswevtfjea")
public suspend fun disallowReauthentication(`value`: Output) {
this.disallowReauthentication = value
}
/**
* @param value When `inferred_entity_type` is set, this
* is the region to search for the inferred entities. Required if
* `inferred_entity_type` is set. This only applies when `auth_type` is set to
* `iam`.
*/
@JvmName("nbpvkphfgxanatpc")
public suspend fun inferredAwsRegion(`value`: Output) {
this.inferredAwsRegion = value
}
/**
* @param value If set, instructs Vault to turn on
* inferencing. The only valid value is `ec2_instance`, which instructs Vault to
* infer that the role comes from an EC2 instance in an IAM instance profile.
* This only applies when `auth_type` is set to `iam`.
*/
@JvmName("etmuuhatokcappgg")
public suspend fun inferredEntityType(`value`: Output) {
this.inferredEntityType = value
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("utqxfdcfxxbmhmeu")
public suspend fun namespace(`value`: Output) {
this.namespace = value
}
/**
* @param value Only valid when
* `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
* resolved to [AWS Unique
* IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids)
* for the bound principal ARN. This field is ignored when a
* `bound_iam_principal_arn` ends in a wildcard. Resolving to unique IDs more
* closely mimics the behavior of AWS services in that if an IAM user or role is
* deleted and a new one is recreated with the same name, those new users or
* roles won't get access to roles in Vault that were permissioned to the prior
* principals of the same name. Defaults to `true`.
* Once set to `true`, this cannot be changed to `false` without recreating the role.
*/
@JvmName("ajqytmuqwahhwgpo")
public suspend fun resolveAwsUniqueIds(`value`: Output) {
this.resolveAwsUniqueIds = value
}
/**
* @param value The name of the role.
*/
@JvmName("oyisdhlwxxffdcrj")
public suspend fun role(`value`: Output) {
this.role = value
}
/**
* @param value If set, enable role tags for this role. The value set
* for this field should be the key of the tag on the EC2 instance. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
*/
@JvmName("dyjlftknbxokwjxe")
public suspend fun roleTag(`value`: Output) {
this.roleTag = value
}
/**
* @param value Specifies the blocks of IP addresses which are allowed to use the generated token
*/
@JvmName("vugkteipsehktdpu")
public suspend fun tokenBoundCidrs(`value`: Output>) {
this.tokenBoundCidrs = value
}
@JvmName("ofqilupyuymeslbu")
public suspend fun tokenBoundCidrs(vararg values: Output) {
this.tokenBoundCidrs = Output.all(values.asList())
}
/**
* @param values Specifies the blocks of IP addresses which are allowed to use the generated token
*/
@JvmName("gpceejlmxticbtcv")
public suspend fun tokenBoundCidrs(values: List>) {
this.tokenBoundCidrs = Output.all(values)
}
/**
* @param value Generated Token's Explicit Maximum TTL in seconds
*/
@JvmName("dqceqgegjcjgqvcu")
public suspend fun tokenExplicitMaxTtl(`value`: Output) {
this.tokenExplicitMaxTtl = value
}
/**
* @param value The maximum lifetime of the generated token
*/
@JvmName("bqgkhydqtmeewwkx")
public suspend fun tokenMaxTtl(`value`: Output) {
this.tokenMaxTtl = value
}
/**
* @param value If true, the 'default' policy will not automatically be added to generated tokens
*/
@JvmName("pgmlrdcqegwrfnwv")
public suspend fun tokenNoDefaultPolicy(`value`: Output) {
this.tokenNoDefaultPolicy = value
}
/**
* @param value The maximum number of times a token may be used, a value of zero means unlimited
*/
@JvmName("edgkpgspllsmfmmq")
public suspend fun tokenNumUses(`value`: Output) {
this.tokenNumUses = value
}
/**
* @param value Generated Token's Period
*/
@JvmName("twpobionvmarvkdc")
public suspend fun tokenPeriod(`value`: Output) {
this.tokenPeriod = value
}
/**
* @param value Generated Token's Policies
*/
@JvmName("oqpdeswfhixhiman")
public suspend fun tokenPolicies(`value`: Output>) {
this.tokenPolicies = value
}
@JvmName("aqcewncawoonjvyp")
public suspend fun tokenPolicies(vararg values: Output) {
this.tokenPolicies = Output.all(values.asList())
}
/**
* @param values Generated Token's Policies
*/
@JvmName("xwtficsiamadelmx")
public suspend fun tokenPolicies(values: List>) {
this.tokenPolicies = Output.all(values)
}
/**
* @param value The initial ttl of the token to generate in seconds
*/
@JvmName("kodyqpncxwdygfhj")
public suspend fun tokenTtl(`value`: Output) {
this.tokenTtl = value
}
/**
* @param value The type of token to generate, service or batch
*/
@JvmName("dxurdnvyvwdqucob")
public suspend fun tokenType(`value`: Output) {
this.tokenType = value
}
/**
* @param value If set to `true`, allows migration of
* the underlying instance where the client resides.
*/
@JvmName("sixqvrtvkiaysghe")
public suspend fun allowInstanceMigration(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.allowInstanceMigration = mapped
}
/**
* @param value The auth type permitted for this role. Valid choices
* are `ec2` and `iam`. Defaults to `iam`.
*/
@JvmName("nbvmfkkliqlndhbf")
public suspend fun authType(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.authType = mapped
}
/**
* @param value Path to the mounted aws auth backend.
*/
@JvmName("fhicitmjxoyybukq")
public suspend fun backend(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.backend = mapped
}
/**
* @param value If set, defines a constraint on the EC2
* instances that can perform the login operation that they should be using the
* account ID specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("xkaqmftcgjchwxyk")
public suspend fun boundAccountIds(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundAccountIds = mapped
}
/**
* @param values If set, defines a constraint on the EC2
* instances that can perform the login operation that they should be using the
* account ID specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("wlkhtwalsloafhqd")
public suspend fun boundAccountIds(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundAccountIds = mapped
}
/**
* @param value If set, defines a constraint on the EC2 instances
* that can perform the login operation that they should be using the AMI ID
* specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("tejmkofgxaycpcth")
public suspend fun boundAmiIds(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundAmiIds = mapped
}
/**
* @param values If set, defines a constraint on the EC2 instances
* that can perform the login operation that they should be using the AMI ID
* specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("ejobjybxtntibvfy")
public suspend fun boundAmiIds(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundAmiIds = mapped
}
/**
* @param value Only EC2 instances that match this instance ID will be permitted to log in.
*/
@JvmName("cefaicprtussffsu")
public suspend fun boundEc2InstanceIds(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundEc2InstanceIds = mapped
}
/**
* @param values Only EC2 instances that match this instance ID will be permitted to log in.
*/
@JvmName("vumyeccflndhpqgk")
public suspend fun boundEc2InstanceIds(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundEc2InstanceIds = mapped
}
/**
* @param value If set, defines a constraint on
* the EC2 instances that can perform the login operation that they must be
* associated with an IAM instance profile ARN which has a prefix that matches
* the value specified by this field. The value is prefix-matched as though it
* were a glob ending in `*`. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("rvoptdqdiiypspxq")
public suspend fun boundIamInstanceProfileArns(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundIamInstanceProfileArns = mapped
}
/**
* @param values If set, defines a constraint on
* the EC2 instances that can perform the login operation that they must be
* associated with an IAM instance profile ARN which has a prefix that matches
* the value specified by this field. The value is prefix-matched as though it
* were a glob ending in `*`. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("opadyfvpmmhrtime")
public suspend fun boundIamInstanceProfileArns(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundIamInstanceProfileArns = mapped
}
/**
* @param value If set, defines the IAM principal that
* must be authenticated when `auth_type` is set to `iam`. Wildcards are
* supported at the end of the ARN.
*/
@JvmName("sndbgbhmvfqvobjp")
public suspend fun boundIamPrincipalArns(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundIamPrincipalArns = mapped
}
/**
* @param values If set, defines the IAM principal that
* must be authenticated when `auth_type` is set to `iam`. Wildcards are
* supported at the end of the ARN.
*/
@JvmName("aogwggreqmwgagxl")
public suspend fun boundIamPrincipalArns(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundIamPrincipalArns = mapped
}
/**
* @param value If set, defines a constraint on the EC2
* instances that can perform the login operation that they must match the IAM
* role ARN specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("cfdgqhohqongvfms")
public suspend fun boundIamRoleArns(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundIamRoleArns = mapped
}
/**
* @param values If set, defines a constraint on the EC2
* instances that can perform the login operation that they must match the IAM
* role ARN specified by this field. `auth_type` must be set to `ec2` or
* `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
*/
@JvmName("lbjjedvocfvysqpe")
public suspend fun boundIamRoleArns(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundIamRoleArns = mapped
}
/**
* @param value If set, defines a constraint on the EC2 instances
* that can perform the login operation that the region in their identity
* document must match the one specified by this field. `auth_type` must be set
* to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("bcjkpjutncdwyowh")
public suspend fun boundRegions(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundRegions = mapped
}
/**
* @param values If set, defines a constraint on the EC2 instances
* that can perform the login operation that the region in their identity
* document must match the one specified by this field. `auth_type` must be set
* to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("fwsefcixuvtrtpeo")
public suspend fun boundRegions(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundRegions = mapped
}
/**
* @param value If set, defines a constraint on the EC2
* instances that can perform the login operation that they be associated with
* the subnet ID that matches the value specified by this field. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
*/
@JvmName("xacskxcrouwvmaii")
public suspend fun boundSubnetIds(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundSubnetIds = mapped
}
/**
* @param values If set, defines a constraint on the EC2
* instances that can perform the login operation that they be associated with
* the subnet ID that matches the value specified by this field. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
*/
@JvmName("gbgifnlvbkwkgjtt")
public suspend fun boundSubnetIds(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundSubnetIds = mapped
}
/**
* @param value If set, defines a constraint on the EC2 instances
* that can perform the login operation that they be associated with the VPC ID
* that matches the value specified by this field. `auth_type` must be set to
* `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("ptvprrakbnwuwaen")
public suspend fun boundVpcIds(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.boundVpcIds = mapped
}
/**
* @param values If set, defines a constraint on the EC2 instances
* that can perform the login operation that they be associated with the VPC ID
* that matches the value specified by this field. `auth_type` must be set to
* `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
* constraint.
*/
@JvmName("fbeepvneqhaictxy")
public suspend fun boundVpcIds(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.boundVpcIds = mapped
}
/**
* @param value IF set to `true`, only allows a
* single token to be granted per instance ID. This can only be set when
* `auth_type` is set to `ec2`.
*/
@JvmName("vkdhvsgtosqrlnsn")
public suspend fun disallowReauthentication(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.disallowReauthentication = mapped
}
/**
* @param value When `inferred_entity_type` is set, this
* is the region to search for the inferred entities. Required if
* `inferred_entity_type` is set. This only applies when `auth_type` is set to
* `iam`.
*/
@JvmName("nvlduhvhvkawudir")
public suspend fun inferredAwsRegion(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.inferredAwsRegion = mapped
}
/**
* @param value If set, instructs Vault to turn on
* inferencing. The only valid value is `ec2_instance`, which instructs Vault to
* infer that the role comes from an EC2 instance in an IAM instance profile.
* This only applies when `auth_type` is set to `iam`.
*/
@JvmName("mnupomaxhrvmfxyx")
public suspend fun inferredEntityType(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.inferredEntityType = mapped
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("wpsujxosintmhsmj")
public suspend fun namespace(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.namespace = mapped
}
/**
* @param value Only valid when
* `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
* resolved to [AWS Unique
* IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids)
* for the bound principal ARN. This field is ignored when a
* `bound_iam_principal_arn` ends in a wildcard. Resolving to unique IDs more
* closely mimics the behavior of AWS services in that if an IAM user or role is
* deleted and a new one is recreated with the same name, those new users or
* roles won't get access to roles in Vault that were permissioned to the prior
* principals of the same name. Defaults to `true`.
* Once set to `true`, this cannot be changed to `false` without recreating the role.
*/
@JvmName("wopjhklrtdfikhdo")
public suspend fun resolveAwsUniqueIds(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.resolveAwsUniqueIds = mapped
}
/**
* @param value The name of the role.
*/
@JvmName("bsarfgosjfivjcgu")
public suspend fun role(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.role = mapped
}
/**
* @param value If set, enable role tags for this role. The value set
* for this field should be the key of the tag on the EC2 instance. `auth_type`
* must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
* to use this constraint.
*/
@JvmName("xbfehfkdqkjcgmim")
public suspend fun roleTag(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.roleTag = mapped
}
/**
* @param value Specifies the blocks of IP addresses which are allowed to use the generated token
*/
@JvmName("wprighcjyhaeassd")
public suspend fun tokenBoundCidrs(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenBoundCidrs = mapped
}
/**
* @param values Specifies the blocks of IP addresses which are allowed to use the generated token
*/
@JvmName("dogpigeeniyqfnmi")
public suspend fun tokenBoundCidrs(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.tokenBoundCidrs = mapped
}
/**
* @param value Generated Token's Explicit Maximum TTL in seconds
*/
@JvmName("glvptcyrmdnxjhhd")
public suspend fun tokenExplicitMaxTtl(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenExplicitMaxTtl = mapped
}
/**
* @param value The maximum lifetime of the generated token
*/
@JvmName("fxvtxnxpmbsvhrxe")
public suspend fun tokenMaxTtl(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenMaxTtl = mapped
}
/**
* @param value If true, the 'default' policy will not automatically be added to generated tokens
*/
@JvmName("pgshhwrcsxvpuvfk")
public suspend fun tokenNoDefaultPolicy(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenNoDefaultPolicy = mapped
}
/**
* @param value The maximum number of times a token may be used, a value of zero means unlimited
*/
@JvmName("ddfuuoocryqxjebb")
public suspend fun tokenNumUses(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenNumUses = mapped
}
/**
* @param value Generated Token's Period
*/
@JvmName("dcwkgimcwpqdkpop")
public suspend fun tokenPeriod(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenPeriod = mapped
}
/**
* @param value Generated Token's Policies
*/
@JvmName("uwdxrrjlilldlxic")
public suspend fun tokenPolicies(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenPolicies = mapped
}
/**
* @param values Generated Token's Policies
*/
@JvmName("bposhkbydwwuiqjd")
public suspend fun tokenPolicies(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.tokenPolicies = mapped
}
/**
* @param value The initial ttl of the token to generate in seconds
*/
@JvmName("uismrmuxnugfsneu")
public suspend fun tokenTtl(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenTtl = mapped
}
/**
* @param value The type of token to generate, service or batch
*/
@JvmName("ysttjbxrqimpwwnu")
public suspend fun tokenType(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tokenType = mapped
}
internal fun build(): AuthBackendRoleArgs = AuthBackendRoleArgs(
allowInstanceMigration = allowInstanceMigration,
authType = authType,
backend = backend,
boundAccountIds = boundAccountIds,
boundAmiIds = boundAmiIds,
boundEc2InstanceIds = boundEc2InstanceIds,
boundIamInstanceProfileArns = boundIamInstanceProfileArns,
boundIamPrincipalArns = boundIamPrincipalArns,
boundIamRoleArns = boundIamRoleArns,
boundRegions = boundRegions,
boundSubnetIds = boundSubnetIds,
boundVpcIds = boundVpcIds,
disallowReauthentication = disallowReauthentication,
inferredAwsRegion = inferredAwsRegion,
inferredEntityType = inferredEntityType,
namespace = namespace,
resolveAwsUniqueIds = resolveAwsUniqueIds,
role = role,
roleTag = roleTag,
tokenBoundCidrs = tokenBoundCidrs,
tokenExplicitMaxTtl = tokenExplicitMaxTtl,
tokenMaxTtl = tokenMaxTtl,
tokenNoDefaultPolicy = tokenNoDefaultPolicy,
tokenNumUses = tokenNumUses,
tokenPeriod = tokenPeriod,
tokenPolicies = tokenPolicies,
tokenTtl = tokenTtl,
tokenType = tokenType,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy