`jwtAuthBackendRole` Submodule

Constructs

JwtAuthBackendRole

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role vault_jwt_auth_backend_role}.

Initializers

import com.hashicorp.cdktf.providers.vault.jwt_auth_backend_role.JwtAuthBackendRole;

JwtAuthBackendRole.Builder.create(Construct scope, java.lang.String id)
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .roleName(java.lang.String)
    .userClaim(java.lang.String)
//  .allowedRedirectUris(java.util.List<java.lang.String>)
//  .backend(java.lang.String)
//  .boundAudiences(java.util.List<java.lang.String>)
//  .boundClaims(java.util.Map<java.lang.String, java.lang.String>)
//  .boundClaimsType(java.lang.String)
//  .boundSubject(java.lang.String)
//  .claimMappings(java.util.Map<java.lang.String, java.lang.String>)
//  .clockSkewLeeway(java.lang.Number)
//  .disableBoundClaimsParsing(java.lang.Boolean)
//  .disableBoundClaimsParsing(IResolvable)
//  .expirationLeeway(java.lang.Number)
//  .groupsClaim(java.lang.String)
//  .id(java.lang.String)
//  .maxAge(java.lang.Number)
//  .namespace(java.lang.String)
//  .notBeforeLeeway(java.lang.Number)
//  .oidcScopes(java.util.List<java.lang.String>)
//  .roleType(java.lang.String)
//  .tokenBoundCidrs(java.util.List<java.lang.String>)
//  .tokenExplicitMaxTtl(java.lang.Number)
//  .tokenMaxTtl(java.lang.Number)
//  .tokenNoDefaultPolicy(java.lang.Boolean)
//  .tokenNoDefaultPolicy(IResolvable)
//  .tokenNumUses(java.lang.Number)
//  .tokenPeriod(java.lang.Number)
//  .tokenPolicies(java.util.List<java.lang.String>)
//  .tokenTtl(java.lang.Number)
//  .tokenType(java.lang.String)
//  .userClaimJsonPointer(java.lang.Boolean)
//  .userClaimJsonPointer(IResolvable)
//  .verboseOidcLogging(java.lang.Boolean)
//  .verboseOidcLogging(IResolvable)
    .build();

Name	Type	Description
`scope`	`software.constructs.Construct`	The scope in which to define this construct.
`id`	`java.lang.String`	The scoped construct ID.
`connection`	`com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection`	No description.
`count`	`java.lang.Number OR com.hashicorp.cdktf.TerraformCount`	No description.
`dependsOn`	`java.util.List<com.hashicorp.cdktf.ITerraformDependable>`	No description.
`forEach`	`com.hashicorp.cdktf.ITerraformIterator`	No description.
`lifecycle`	`com.hashicorp.cdktf.TerraformResourceLifecycle`	No description.
`provider`	`com.hashicorp.cdktf.TerraformProvider`	No description.
`provisioners`	`java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>`	No description.
`roleName`	`java.lang.String`	Name of the role.
`userClaim`	`java.lang.String`	The claim to use to uniquely identify the user;
`allowedRedirectUris`	`java.util.List<java.lang.String>`	The list of allowed values for redirect_uri during OIDC logins.
`backend`	`java.lang.String`	Unique name of the auth backend to configure.
`boundAudiences`	`java.util.List<java.lang.String>`	List of aud claims to match against. Any match is sufficient.
`boundClaims`	`java.util.Map<java.lang.String, java.lang.String>`	Map of claims/values to match against. The expected value may be a single string or a comma-separated string list.
`boundClaimsType`	`java.lang.String`	How to interpret values in the claims/values map: can be either "string" (exact match) or "glob" (wildcard match).
`boundSubject`	`java.lang.String`	If set, requires that the sub claim matches this value.
`claimMappings`	`java.util.Map<java.lang.String, java.lang.String>`	Map of claims (keys) to be copied to specified metadata fields (values).
`clockSkewLeeway`	`java.lang.Number`	The amount of leeway to add to all claims to account for clock skew, in seconds.
`disableBoundClaimsParsing`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Disable bound claim value parsing. Useful when values contain commas.
`expirationLeeway`	`java.lang.Number`	The amount of leeway to add to expiration (exp) claims to account for clock skew, in seconds.
`groupsClaim`	`java.lang.String`	The claim to use to uniquely identify the set of groups to which the user belongs;
`id`	`java.lang.String`	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#id JwtAuthBackendRole#id}.
`maxAge`	`java.lang.Number`	Specifies the allowable elapsed time in seconds since the last time the user was actively authenticated.
`namespace`	`java.lang.String`	Target namespace. (requires Enterprise).
`notBeforeLeeway`	`java.lang.Number`	The amount of leeway to add to not before (nbf) claims to account for clock skew, in seconds.
`oidcScopes`	`java.util.List<java.lang.String>`	List of OIDC scopes to be used with an OIDC role.
`roleType`	`java.lang.String`	Type of role, either "oidc" (default) or "jwt".
`tokenBoundCidrs`	`java.util.List<java.lang.String>`	Specifies the blocks of IP addresses which are allowed to use the generated token.
`tokenExplicitMaxTtl`	`java.lang.Number`	Generated Token's Explicit Maximum TTL in seconds.
`tokenMaxTtl`	`java.lang.Number`	The maximum lifetime of the generated token.
`tokenNoDefaultPolicy`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	If true, the 'default' policy will not automatically be added to generated tokens.
`tokenNumUses`	`java.lang.Number`	The maximum number of times a token may be used, a value of zero means unlimited.
`tokenPeriod`	`java.lang.Number`	Generated Token's Period.
`tokenPolicies`	`java.util.List<java.lang.String>`	Generated Token's Policies.
`tokenTtl`	`java.lang.Number`	The initial ttl of the token to generate in seconds.
`tokenType`	`java.lang.String`	The type of token to generate, service or batch.
`userClaimJsonPointer`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Specifies if the user_claim value uses JSON pointer syntax for referencing claims.
`verboseOidcLogging`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Log received OIDC tokens and claims when debug-level logging is active.

`scope`^Required

Type: software.constructs.Construct

The scope in which to define this construct.

`id`^Required

Type: java.lang.String

The scoped construct ID.

Must be unique amongst siblings in the same scope

`connection`^Optional

Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

`count`^Optional

Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

`dependsOn`^Optional

Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

`forEach`^Optional

Type: com.hashicorp.cdktf.ITerraformIterator

`lifecycle`^Optional

Type: com.hashicorp.cdktf.TerraformResourceLifecycle

`provider`^Optional

Type: com.hashicorp.cdktf.TerraformProvider

`provisioners`^Optional

Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

`roleName`^Required

Type: java.lang.String

Name of the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#role_name JwtAuthBackendRole#role_name}

`userClaim`^Required

Type: java.lang.String

The claim to use to uniquely identify the user;

this will be used as the name for the Identity entity alias created due to a successful login.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#user_claim JwtAuthBackendRole#user_claim}

`allowedRedirectUris`^Optional

Type: java.util.List<java.lang.String>

The list of allowed values for redirect_uri during OIDC logins.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#allowed_redirect_uris JwtAuthBackendRole#allowed_redirect_uris}

`backend`^Optional

Type: java.lang.String

Unique name of the auth backend to configure.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#backend JwtAuthBackendRole#backend}

`boundAudiences`^Optional

Type: java.util.List<java.lang.String>

List of aud claims to match against. Any match is sufficient.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_audiences JwtAuthBackendRole#bound_audiences}

`boundClaims`^Optional

Type: java.util.Map<java.lang.String, java.lang.String>

Map of claims/values to match against. The expected value may be a single string or a comma-separated string list.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_claims JwtAuthBackendRole#bound_claims}

`boundClaimsType`^Optional

Type: java.lang.String

How to interpret values in the claims/values map: can be either "string" (exact match) or "glob" (wildcard match).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_claims_type JwtAuthBackendRole#bound_claims_type}

`boundSubject`^Optional

Type: java.lang.String

If set, requires that the sub claim matches this value.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_subject JwtAuthBackendRole#bound_subject}

`claimMappings`^Optional

Type: java.util.Map<java.lang.String, java.lang.String>

Map of claims (keys) to be copied to specified metadata fields (values).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#claim_mappings JwtAuthBackendRole#claim_mappings}

`clockSkewLeeway`^Optional

Type: java.lang.Number

The amount of leeway to add to all claims to account for clock skew, in seconds.

Defaults to 60 seconds if set to 0 and can be disabled if set to -1. Only applicable with 'jwt' roles.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#clock_skew_leeway JwtAuthBackendRole#clock_skew_leeway}

`disableBoundClaimsParsing`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Disable bound claim value parsing. Useful when values contain commas.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#disable_bound_claims_parsing JwtAuthBackendRole#disable_bound_claims_parsing}

`expirationLeeway`^Optional

Type: java.lang.Number

The amount of leeway to add to expiration (exp) claims to account for clock skew, in seconds.

Defaults to 150 seconds if set to 0 and can be disabled if set to -1. Only applicable with 'jwt' roles.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#expiration_leeway JwtAuthBackendRole#expiration_leeway}

`groupsClaim`^Optional

Type: java.lang.String

The claim to use to uniquely identify the set of groups to which the user belongs;

this will be used as the names for the Identity group aliases created due to a successful login. The claim value must be a list of strings.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#groups_claim JwtAuthBackendRole#groups_claim}

`id`^Optional

Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#id JwtAuthBackendRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

`maxAge`^Optional

Type: java.lang.Number

Specifies the allowable elapsed time in seconds since the last time the user was actively authenticated.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#max_age JwtAuthBackendRole#max_age}

`namespace`^Optional

Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#namespace JwtAuthBackendRole#namespace}

`notBeforeLeeway`^Optional

Type: java.lang.Number

The amount of leeway to add to not before (nbf) claims to account for clock skew, in seconds.

Defaults to 150 seconds if set to 0 and can be disabled if set to -1. Only applicable with 'jwt' roles.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#not_before_leeway JwtAuthBackendRole#not_before_leeway}

`oidcScopes`^Optional

Type: java.util.List<java.lang.String>

List of OIDC scopes to be used with an OIDC role.

The standard scope "openid" is automatically included and need not be specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#oidc_scopes JwtAuthBackendRole#oidc_scopes}

`roleType`^Optional

Type: java.lang.String

Type of role, either "oidc" (default) or "jwt".

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#role_type JwtAuthBackendRole#role_type}

`tokenBoundCidrs`^Optional

Type: java.util.List<java.lang.String>

Specifies the blocks of IP addresses which are allowed to use the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_bound_cidrs JwtAuthBackendRole#token_bound_cidrs}

`tokenExplicitMaxTtl`^Optional

Type: java.lang.Number

Generated Token's Explicit Maximum TTL in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_explicit_max_ttl JwtAuthBackendRole#token_explicit_max_ttl}

`tokenMaxTtl`^Optional

Type: java.lang.Number

The maximum lifetime of the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_max_ttl JwtAuthBackendRole#token_max_ttl}

`tokenNoDefaultPolicy`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, the 'default' policy will not automatically be added to generated tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_no_default_policy JwtAuthBackendRole#token_no_default_policy}

`tokenNumUses`^Optional

Type: java.lang.Number

The maximum number of times a token may be used, a value of zero means unlimited.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_num_uses JwtAuthBackendRole#token_num_uses}

`tokenPeriod`^Optional

Type: java.lang.Number

Generated Token's Period.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_period JwtAuthBackendRole#token_period}

`tokenPolicies`^Optional

Type: java.util.List<java.lang.String>

Generated Token's Policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_policies JwtAuthBackendRole#token_policies}

`tokenTtl`^Optional

Type: java.lang.Number

The initial ttl of the token to generate in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_ttl JwtAuthBackendRole#token_ttl}

`tokenType`^Optional

Type: java.lang.String

The type of token to generate, service or batch.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_type JwtAuthBackendRole#token_type}

`userClaimJsonPointer`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Specifies if the user_claim value uses JSON pointer syntax for referencing claims.

By default, the user_claim value will not use JSON pointer.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#user_claim_json_pointer JwtAuthBackendRole#user_claim_json_pointer}

`verboseOidcLogging`^Optional

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Log received OIDC tokens and claims when debug-level logging is active.

Not recommended in production since sensitive information may be present in OIDC responses.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#verbose_oidc_logging JwtAuthBackendRole#verbose_oidc_logging}

Methods

Name	Description
`toString`	Returns a string representation of this construct.
`addOverride`	No description.
`overrideLogicalId`	Overrides the auto-generated logical ID with a specific ID.
`resetOverrideLogicalId`	Resets a previously passed logical Id to use the auto-generated logical id again.
`toHclTerraform`	No description.
`toMetadata`	No description.
`toTerraform`	Adds this resource to the terraform JSON output.
`addMoveTarget`	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
`getAnyMapAttribute`	No description.
`getBooleanAttribute`	No description.
`getBooleanMapAttribute`	No description.
`getListAttribute`	No description.
`getNumberAttribute`	No description.
`getNumberListAttribute`	No description.
`getNumberMapAttribute`	No description.
`getStringAttribute`	No description.
`getStringMapAttribute`	No description.
`hasResourceMove`	No description.
`importFrom`	No description.
`interpolationForAttribute`	No description.
`moveFromId`	Move the resource corresponding to "id" to this resource.
`moveTo`	Moves this resource to the target resource given by moveTarget.
`moveToId`	Moves this resource to the resource corresponding to "id".
`resetAllowedRedirectUris`	No description.
`resetBackend`	No description.
`resetBoundAudiences`	No description.
`resetBoundClaims`	No description.
`resetBoundClaimsType`	No description.
`resetBoundSubject`	No description.
`resetClaimMappings`	No description.
`resetClockSkewLeeway`	No description.
`resetDisableBoundClaimsParsing`	No description.
`resetExpirationLeeway`	No description.
`resetGroupsClaim`	No description.
`resetId`	No description.
`resetMaxAge`	No description.
`resetNamespace`	No description.
`resetNotBeforeLeeway`	No description.
`resetOidcScopes`	No description.
`resetRoleType`	No description.
`resetTokenBoundCidrs`	No description.
`resetTokenExplicitMaxTtl`	No description.
`resetTokenMaxTtl`	No description.
`resetTokenNoDefaultPolicy`	No description.
`resetTokenNumUses`	No description.
`resetTokenPeriod`	No description.
`resetTokenPolicies`	No description.
`resetTokenTtl`	No description.
`resetTokenType`	No description.
`resetUserClaimJsonPointer`	No description.
`resetVerboseOidcLogging`	No description.

`toString`

public java.lang.String toString()

Returns a string representation of this construct.

`addOverride`

public void addOverride(java.lang.String path, java.lang.Object value)

`path`^Required

Type: java.lang.String

`value`^Required

Type: java.lang.Object

`overrideLogicalId`

public void overrideLogicalId(java.lang.String newLogicalId)

Overrides the auto-generated logical ID with a specific ID.

`newLogicalId`^Required

Type: java.lang.String

The new logical ID to use for this stack element.

`resetOverrideLogicalId`

public void resetOverrideLogicalId()

Resets a previously passed logical Id to use the auto-generated logical id again.

`toHclTerraform`

public java.lang.Object toHclTerraform()

`toMetadata`

public java.lang.Object toMetadata()

`toTerraform`

public java.lang.Object toTerraform()

Adds this resource to the terraform JSON output.

`addMoveTarget`

public void addMoveTarget(java.lang.String moveTarget)

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

`moveTarget`^Required

Type: java.lang.String

The string move target that will correspond to this resource.

`getAnyMapAttribute`

public java.util.Map<java.lang.String, java.lang.Object> getAnyMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getBooleanAttribute`

public IResolvable getBooleanAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getBooleanMapAttribute`

public java.util.Map<java.lang.String, java.lang.Boolean> getBooleanMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getListAttribute`

public java.util.List<java.lang.String> getListAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getNumberAttribute`

public java.lang.Number getNumberAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getNumberListAttribute`

public java.util.List<java.lang.Number> getNumberListAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getNumberMapAttribute`

public java.util.Map<java.lang.String, java.lang.Number> getNumberMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getStringAttribute`

public java.lang.String getStringAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`getStringMapAttribute`

public java.util.Map<java.lang.String, java.lang.String> getStringMapAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`hasResourceMove`

public TerraformResourceMoveByTarget OR TerraformResourceMoveById hasResourceMove()

`importFrom`

public void importFrom(java.lang.String id)
public void importFrom(java.lang.String id, TerraformProvider provider)

`id`^Required

Type: java.lang.String

`provider`^Optional

Type: com.hashicorp.cdktf.TerraformProvider

`interpolationForAttribute`

public IResolvable interpolationForAttribute(java.lang.String terraformAttribute)

`terraformAttribute`^Required

Type: java.lang.String

`moveFromId`

public void moveFromId(java.lang.String id)

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

`id`^Required

Type: java.lang.String

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

`moveTo`

public void moveTo(java.lang.String moveTarget)
public void moveTo(java.lang.String moveTarget, java.lang.String OR java.lang.Number index)

Moves this resource to the target resource given by moveTarget.

`moveTarget`^Required

Type: java.lang.String

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

`index`^Optional

Type: java.lang.String OR java.lang.Number

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

`moveToId`

public void moveToId(java.lang.String id)

Moves this resource to the resource corresponding to "id".

`id`^Required

Type: java.lang.String

Full id of resource to move to, e.g. "aws_s3_bucket.example".

`resetAllowedRedirectUris`

public void resetAllowedRedirectUris()

`resetBackend`

public void resetBackend()

`resetBoundAudiences`

public void resetBoundAudiences()

`resetBoundClaims`

public void resetBoundClaims()

`resetBoundClaimsType`

public void resetBoundClaimsType()

`resetBoundSubject`

public void resetBoundSubject()

`resetClaimMappings`

public void resetClaimMappings()

`resetClockSkewLeeway`

public void resetClockSkewLeeway()

`resetDisableBoundClaimsParsing`

public void resetDisableBoundClaimsParsing()

`resetExpirationLeeway`

public void resetExpirationLeeway()

`resetGroupsClaim`

public void resetGroupsClaim()

`resetId`

public void resetId()

`resetMaxAge`

public void resetMaxAge()

`resetNamespace`

public void resetNamespace()

`resetNotBeforeLeeway`

public void resetNotBeforeLeeway()

`resetOidcScopes`

public void resetOidcScopes()

`resetRoleType`

public void resetRoleType()

`resetTokenBoundCidrs`

public void resetTokenBoundCidrs()

`resetTokenExplicitMaxTtl`

public void resetTokenExplicitMaxTtl()

`resetTokenMaxTtl`

public void resetTokenMaxTtl()

`resetTokenNoDefaultPolicy`

public void resetTokenNoDefaultPolicy()

`resetTokenNumUses`

public void resetTokenNumUses()

`resetTokenPeriod`

public void resetTokenPeriod()

`resetTokenPolicies`

public void resetTokenPolicies()

`resetTokenTtl`

public void resetTokenTtl()

`resetTokenType`

public void resetTokenType()

`resetUserClaimJsonPointer`

public void resetUserClaimJsonPointer()

`resetVerboseOidcLogging`

public void resetVerboseOidcLogging()

Static Functions

Name	Description
`isConstruct`	Checks if `x` is a construct.
`isTerraformElement`	No description.
`isTerraformResource`	No description.
`generateConfigForImport`	Generates CDKTF code for importing a JwtAuthBackendRole resource upon running "cdktf plan ".

`isConstruct`

import com.hashicorp.cdktf.providers.vault.jwt_auth_backend_role.JwtAuthBackendRole;

JwtAuthBackendRole.isConstruct(java.lang.Object x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

`x`^Required

Type: java.lang.Object

Any object.

`isTerraformElement`

import com.hashicorp.cdktf.providers.vault.jwt_auth_backend_role.JwtAuthBackendRole;

JwtAuthBackendRole.isTerraformElement(java.lang.Object x)

`x`^Required

Type: java.lang.Object

`isTerraformResource`

import com.hashicorp.cdktf.providers.vault.jwt_auth_backend_role.JwtAuthBackendRole;

JwtAuthBackendRole.isTerraformResource(java.lang.Object x)

`x`^Required

Type: java.lang.Object

`generateConfigForImport`

import com.hashicorp.cdktf.providers.vault.jwt_auth_backend_role.JwtAuthBackendRole;

JwtAuthBackendRole.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId),JwtAuthBackendRole.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId, TerraformProvider provider)

Generates CDKTF code for importing a JwtAuthBackendRole resource upon running "cdktf plan ".

`scope`^Required

Type: software.constructs.Construct

The scope in which to define this construct.

`importToId`^Required

Type: java.lang.String

The construct id used in the generated config for the JwtAuthBackendRole to import.

`importFromId`^Required

Type: java.lang.String

The id of the existing JwtAuthBackendRole that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#import import section} in the documentation of this resource for the id to use

`provider`^Optional

Type: com.hashicorp.cdktf.TerraformProvider

? Optional instance of the provider where the JwtAuthBackendRole to import is found.

Properties

Name	Type	Description
`node`	`software.constructs.Node`	The tree node.
`cdktfStack`	`com.hashicorp.cdktf.TerraformStack`	No description.
`fqn`	`java.lang.String`	No description.
`friendlyUniqueId`	`java.lang.String`	No description.
`terraformMetaArguments`	`java.util.Map<java.lang.String, java.lang.Object>`	No description.
`terraformResourceType`	`java.lang.String`	No description.
`terraformGeneratorMetadata`	`com.hashicorp.cdktf.TerraformProviderGeneratorMetadata`	No description.
`connection`	`com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection`	No description.
`count`	`java.lang.Number OR com.hashicorp.cdktf.TerraformCount`	No description.
`dependsOn`	`java.util.List<java.lang.String>`	No description.
`forEach`	`com.hashicorp.cdktf.ITerraformIterator`	No description.
`lifecycle`	`com.hashicorp.cdktf.TerraformResourceLifecycle`	No description.
`provider`	`com.hashicorp.cdktf.TerraformProvider`	No description.
`provisioners`	`java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>`	No description.
`allowedRedirectUrisInput`	`java.util.List<java.lang.String>`	No description.
`backendInput`	`java.lang.String`	No description.
`boundAudiencesInput`	`java.util.List<java.lang.String>`	No description.
`boundClaimsInput`	`java.util.Map<java.lang.String, java.lang.String>`	No description.
`boundClaimsTypeInput`	`java.lang.String`	No description.
`boundSubjectInput`	`java.lang.String`	No description.
`claimMappingsInput`	`java.util.Map<java.lang.String, java.lang.String>`	No description.
`clockSkewLeewayInput`	`java.lang.Number`	No description.
`disableBoundClaimsParsingInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`expirationLeewayInput`	`java.lang.Number`	No description.
`groupsClaimInput`	`java.lang.String`	No description.
`idInput`	`java.lang.String`	No description.
`maxAgeInput`	`java.lang.Number`	No description.
`namespaceInput`	`java.lang.String`	No description.
`notBeforeLeewayInput`	`java.lang.Number`	No description.
`oidcScopesInput`	`java.util.List<java.lang.String>`	No description.
`roleNameInput`	`java.lang.String`	No description.
`roleTypeInput`	`java.lang.String`	No description.
`tokenBoundCidrsInput`	`java.util.List<java.lang.String>`	No description.
`tokenExplicitMaxTtlInput`	`java.lang.Number`	No description.
`tokenMaxTtlInput`	`java.lang.Number`	No description.
`tokenNoDefaultPolicyInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`tokenNumUsesInput`	`java.lang.Number`	No description.
`tokenPeriodInput`	`java.lang.Number`	No description.
`tokenPoliciesInput`	`java.util.List<java.lang.String>`	No description.
`tokenTtlInput`	`java.lang.Number`	No description.
`tokenTypeInput`	`java.lang.String`	No description.
`userClaimInput`	`java.lang.String`	No description.
`userClaimJsonPointerInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`verboseOidcLoggingInput`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`allowedRedirectUris`	`java.util.List<java.lang.String>`	No description.
`backend`	`java.lang.String`	No description.
`boundAudiences`	`java.util.List<java.lang.String>`	No description.
`boundClaims`	`java.util.Map<java.lang.String, java.lang.String>`	No description.
`boundClaimsType`	`java.lang.String`	No description.
`boundSubject`	`java.lang.String`	No description.
`claimMappings`	`java.util.Map<java.lang.String, java.lang.String>`	No description.
`clockSkewLeeway`	`java.lang.Number`	No description.
`disableBoundClaimsParsing`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`expirationLeeway`	`java.lang.Number`	No description.
`groupsClaim`	`java.lang.String`	No description.
`id`	`java.lang.String`	No description.
`maxAge`	`java.lang.Number`	No description.
`namespace`	`java.lang.String`	No description.
`notBeforeLeeway`	`java.lang.Number`	No description.
`oidcScopes`	`java.util.List<java.lang.String>`	No description.
`roleName`	`java.lang.String`	No description.
`roleType`	`java.lang.String`	No description.
`tokenBoundCidrs`	`java.util.List<java.lang.String>`	No description.
`tokenExplicitMaxTtl`	`java.lang.Number`	No description.
`tokenMaxTtl`	`java.lang.Number`	No description.
`tokenNoDefaultPolicy`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`tokenNumUses`	`java.lang.Number`	No description.
`tokenPeriod`	`java.lang.Number`	No description.
`tokenPolicies`	`java.util.List<java.lang.String>`	No description.
`tokenTtl`	`java.lang.Number`	No description.
`tokenType`	`java.lang.String`	No description.
`userClaim`	`java.lang.String`	No description.
`userClaimJsonPointer`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.
`verboseOidcLogging`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	No description.

`node`^Required

public Node getNode();

Type: software.constructs.Node

The tree node.

`cdktfStack`^Required

public TerraformStack getCdktfStack();

Type: com.hashicorp.cdktf.TerraformStack

`fqn`^Required

public java.lang.String getFqn();

Type: java.lang.String

`friendlyUniqueId`^Required

public java.lang.String getFriendlyUniqueId();

Type: java.lang.String

`terraformMetaArguments`^Required

public java.util.Map<java.lang.String, java.lang.Object> getTerraformMetaArguments();

Type: java.util.Map<java.lang.String, java.lang.Object>

`terraformResourceType`^Required

public java.lang.String getTerraformResourceType();

Type: java.lang.String

`terraformGeneratorMetadata`^Optional

public TerraformProviderGeneratorMetadata getTerraformGeneratorMetadata();

Type: com.hashicorp.cdktf.TerraformProviderGeneratorMetadata

`connection`^Optional

public java.lang.Object getConnection();

Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

`count`^Optional

public java.lang.Object getCount();

Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

`dependsOn`^Optional

public java.util.List<java.lang.String> getDependsOn();

Type: java.util.List<java.lang.String>

`forEach`^Optional

public ITerraformIterator getForEach();

Type: com.hashicorp.cdktf.ITerraformIterator

`lifecycle`^Optional

public TerraformResourceLifecycle getLifecycle();

Type: com.hashicorp.cdktf.TerraformResourceLifecycle

`provider`^Optional

public TerraformProvider getProvider();

Type: com.hashicorp.cdktf.TerraformProvider

`provisioners`^Optional

public java.lang.Object getProvisioners();

Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

`allowedRedirectUrisInput`^Optional

public java.util.List<java.lang.String> getAllowedRedirectUrisInput();

Type: java.util.List<java.lang.String>

`backendInput`^Optional

public java.lang.String getBackendInput();

Type: java.lang.String

`boundAudiencesInput`^Optional

public java.util.List<java.lang.String> getBoundAudiencesInput();

Type: java.util.List<java.lang.String>

`boundClaimsInput`^Optional

public java.util.Map<java.lang.String, java.lang.String> getBoundClaimsInput();

Type: java.util.Map<java.lang.String, java.lang.String>

`boundClaimsTypeInput`^Optional

public java.lang.String getBoundClaimsTypeInput();

Type: java.lang.String

`boundSubjectInput`^Optional

public java.lang.String getBoundSubjectInput();

Type: java.lang.String

`claimMappingsInput`^Optional

public java.util.Map<java.lang.String, java.lang.String> getClaimMappingsInput();

Type: java.util.Map<java.lang.String, java.lang.String>

`clockSkewLeewayInput`^Optional

public java.lang.Number getClockSkewLeewayInput();

Type: java.lang.Number

`disableBoundClaimsParsingInput`^Optional

public java.lang.Object getDisableBoundClaimsParsingInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`expirationLeewayInput`^Optional

public java.lang.Number getExpirationLeewayInput();

Type: java.lang.Number

`groupsClaimInput`^Optional

public java.lang.String getGroupsClaimInput();

Type: java.lang.String

`idInput`^Optional

public java.lang.String getIdInput();

Type: java.lang.String

`maxAgeInput`^Optional

public java.lang.Number getMaxAgeInput();

Type: java.lang.Number

`namespaceInput`^Optional

public java.lang.String getNamespaceInput();

Type: java.lang.String

`notBeforeLeewayInput`^Optional

public java.lang.Number getNotBeforeLeewayInput();

Type: java.lang.Number

`oidcScopesInput`^Optional

public java.util.List<java.lang.String> getOidcScopesInput();

Type: java.util.List<java.lang.String>

`roleNameInput`^Optional

public java.lang.String getRoleNameInput();

Type: java.lang.String

`roleTypeInput`^Optional

public java.lang.String getRoleTypeInput();

Type: java.lang.String

`tokenBoundCidrsInput`^Optional

public java.util.List<java.lang.String> getTokenBoundCidrsInput();

Type: java.util.List<java.lang.String>

`tokenExplicitMaxTtlInput`^Optional

public java.lang.Number getTokenExplicitMaxTtlInput();

Type: java.lang.Number

`tokenMaxTtlInput`^Optional

public java.lang.Number getTokenMaxTtlInput();

Type: java.lang.Number

`tokenNoDefaultPolicyInput`^Optional

public java.lang.Object getTokenNoDefaultPolicyInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`tokenNumUsesInput`^Optional

public java.lang.Number getTokenNumUsesInput();

Type: java.lang.Number

`tokenPeriodInput`^Optional

public java.lang.Number getTokenPeriodInput();

Type: java.lang.Number

`tokenPoliciesInput`^Optional

public java.util.List<java.lang.String> getTokenPoliciesInput();

Type: java.util.List<java.lang.String>

`tokenTtlInput`^Optional

public java.lang.Number getTokenTtlInput();

Type: java.lang.Number

`tokenTypeInput`^Optional

public java.lang.String getTokenTypeInput();

Type: java.lang.String

`userClaimInput`^Optional

public java.lang.String getUserClaimInput();

Type: java.lang.String

`userClaimJsonPointerInput`^Optional

public java.lang.Object getUserClaimJsonPointerInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`verboseOidcLoggingInput`^Optional

public java.lang.Object getVerboseOidcLoggingInput();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`allowedRedirectUris`^Required

public java.util.List<java.lang.String> getAllowedRedirectUris();

Type: java.util.List<java.lang.String>

`backend`^Required

public java.lang.String getBackend();

Type: java.lang.String

`boundAudiences`^Required

public java.util.List<java.lang.String> getBoundAudiences();

Type: java.util.List<java.lang.String>

`boundClaims`^Required

public java.util.Map<java.lang.String, java.lang.String> getBoundClaims();

Type: java.util.Map<java.lang.String, java.lang.String>

`boundClaimsType`^Required

public java.lang.String getBoundClaimsType();

Type: java.lang.String

`boundSubject`^Required

public java.lang.String getBoundSubject();

Type: java.lang.String

`claimMappings`^Required

public java.util.Map<java.lang.String, java.lang.String> getClaimMappings();

Type: java.util.Map<java.lang.String, java.lang.String>

`clockSkewLeeway`^Required

public java.lang.Number getClockSkewLeeway();

Type: java.lang.Number

`disableBoundClaimsParsing`^Required

public java.lang.Object getDisableBoundClaimsParsing();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`expirationLeeway`^Required

public java.lang.Number getExpirationLeeway();

Type: java.lang.Number

`groupsClaim`^Required

public java.lang.String getGroupsClaim();

Type: java.lang.String

`id`^Required

public java.lang.String getId();

Type: java.lang.String

`maxAge`^Required

public java.lang.Number getMaxAge();

Type: java.lang.Number

`namespace`^Required

public java.lang.String getNamespace();

Type: java.lang.String

`notBeforeLeeway`^Required

public java.lang.Number getNotBeforeLeeway();

Type: java.lang.Number

`oidcScopes`^Required

public java.util.List<java.lang.String> getOidcScopes();

Type: java.util.List<java.lang.String>

`roleName`^Required

public java.lang.String getRoleName();

Type: java.lang.String

`roleType`^Required

public java.lang.String getRoleType();

Type: java.lang.String

`tokenBoundCidrs`^Required

public java.util.List<java.lang.String> getTokenBoundCidrs();

Type: java.util.List<java.lang.String>

`tokenExplicitMaxTtl`^Required

public java.lang.Number getTokenExplicitMaxTtl();

Type: java.lang.Number

`tokenMaxTtl`^Required

public java.lang.Number getTokenMaxTtl();

Type: java.lang.Number

`tokenNoDefaultPolicy`^Required

public java.lang.Object getTokenNoDefaultPolicy();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`tokenNumUses`^Required

public java.lang.Number getTokenNumUses();

Type: java.lang.Number

`tokenPeriod`^Required

public java.lang.Number getTokenPeriod();

Type: java.lang.Number

`tokenPolicies`^Required

public java.util.List<java.lang.String> getTokenPolicies();

Type: java.util.List<java.lang.String>

`tokenTtl`^Required

public java.lang.Number getTokenTtl();

Type: java.lang.Number

`tokenType`^Required

public java.lang.String getTokenType();

Type: java.lang.String

`userClaim`^Required

public java.lang.String getUserClaim();

Type: java.lang.String

`userClaimJsonPointer`^Required

public java.lang.Object getUserClaimJsonPointer();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

`verboseOidcLogging`^Required

public java.lang.Object getVerboseOidcLogging();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Constants

Name	Type	Description
`tfResourceType`	`java.lang.String`	No description.

`tfResourceType`^Required

public java.lang.String getTfResourceType();

Type: java.lang.String

Structs

JwtAuthBackendRoleConfig

Initializer

import com.hashicorp.cdktf.providers.vault.jwt_auth_backend_role.JwtAuthBackendRoleConfig;

JwtAuthBackendRoleConfig.builder()
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .roleName(java.lang.String)
    .userClaim(java.lang.String)
//  .allowedRedirectUris(java.util.List<java.lang.String>)
//  .backend(java.lang.String)
//  .boundAudiences(java.util.List<java.lang.String>)
//  .boundClaims(java.util.Map<java.lang.String, java.lang.String>)
//  .boundClaimsType(java.lang.String)
//  .boundSubject(java.lang.String)
//  .claimMappings(java.util.Map<java.lang.String, java.lang.String>)
//  .clockSkewLeeway(java.lang.Number)
//  .disableBoundClaimsParsing(java.lang.Boolean)
//  .disableBoundClaimsParsing(IResolvable)
//  .expirationLeeway(java.lang.Number)
//  .groupsClaim(java.lang.String)
//  .id(java.lang.String)
//  .maxAge(java.lang.Number)
//  .namespace(java.lang.String)
//  .notBeforeLeeway(java.lang.Number)
//  .oidcScopes(java.util.List<java.lang.String>)
//  .roleType(java.lang.String)
//  .tokenBoundCidrs(java.util.List<java.lang.String>)
//  .tokenExplicitMaxTtl(java.lang.Number)
//  .tokenMaxTtl(java.lang.Number)
//  .tokenNoDefaultPolicy(java.lang.Boolean)
//  .tokenNoDefaultPolicy(IResolvable)
//  .tokenNumUses(java.lang.Number)
//  .tokenPeriod(java.lang.Number)
//  .tokenPolicies(java.util.List<java.lang.String>)
//  .tokenTtl(java.lang.Number)
//  .tokenType(java.lang.String)
//  .userClaimJsonPointer(java.lang.Boolean)
//  .userClaimJsonPointer(IResolvable)
//  .verboseOidcLogging(java.lang.Boolean)
//  .verboseOidcLogging(IResolvable)
    .build();

Properties

Name	Type	Description
`connection`	`com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection`	No description.
`count`	`java.lang.Number OR com.hashicorp.cdktf.TerraformCount`	No description.
`dependsOn`	`java.util.List<com.hashicorp.cdktf.ITerraformDependable>`	No description.
`forEach`	`com.hashicorp.cdktf.ITerraformIterator`	No description.
`lifecycle`	`com.hashicorp.cdktf.TerraformResourceLifecycle`	No description.
`provider`	`com.hashicorp.cdktf.TerraformProvider`	No description.
`provisioners`	`java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>`	No description.
`roleName`	`java.lang.String`	Name of the role.
`userClaim`	`java.lang.String`	The claim to use to uniquely identify the user;
`allowedRedirectUris`	`java.util.List<java.lang.String>`	The list of allowed values for redirect_uri during OIDC logins.
`backend`	`java.lang.String`	Unique name of the auth backend to configure.
`boundAudiences`	`java.util.List<java.lang.String>`	List of aud claims to match against. Any match is sufficient.
`boundClaims`	`java.util.Map<java.lang.String, java.lang.String>`	Map of claims/values to match against. The expected value may be a single string or a comma-separated string list.
`boundClaimsType`	`java.lang.String`	How to interpret values in the claims/values map: can be either "string" (exact match) or "glob" (wildcard match).
`boundSubject`	`java.lang.String`	If set, requires that the sub claim matches this value.
`claimMappings`	`java.util.Map<java.lang.String, java.lang.String>`	Map of claims (keys) to be copied to specified metadata fields (values).
`clockSkewLeeway`	`java.lang.Number`	The amount of leeway to add to all claims to account for clock skew, in seconds.
`disableBoundClaimsParsing`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Disable bound claim value parsing. Useful when values contain commas.
`expirationLeeway`	`java.lang.Number`	The amount of leeway to add to expiration (exp) claims to account for clock skew, in seconds.
`groupsClaim`	`java.lang.String`	The claim to use to uniquely identify the set of groups to which the user belongs;
`id`	`java.lang.String`	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#id JwtAuthBackendRole#id}.
`maxAge`	`java.lang.Number`	Specifies the allowable elapsed time in seconds since the last time the user was actively authenticated.
`namespace`	`java.lang.String`	Target namespace. (requires Enterprise).
`notBeforeLeeway`	`java.lang.Number`	The amount of leeway to add to not before (nbf) claims to account for clock skew, in seconds.
`oidcScopes`	`java.util.List<java.lang.String>`	List of OIDC scopes to be used with an OIDC role.
`roleType`	`java.lang.String`	Type of role, either "oidc" (default) or "jwt".
`tokenBoundCidrs`	`java.util.List<java.lang.String>`	Specifies the blocks of IP addresses which are allowed to use the generated token.
`tokenExplicitMaxTtl`	`java.lang.Number`	Generated Token's Explicit Maximum TTL in seconds.
`tokenMaxTtl`	`java.lang.Number`	The maximum lifetime of the generated token.
`tokenNoDefaultPolicy`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	If true, the 'default' policy will not automatically be added to generated tokens.
`tokenNumUses`	`java.lang.Number`	The maximum number of times a token may be used, a value of zero means unlimited.
`tokenPeriod`	`java.lang.Number`	Generated Token's Period.
`tokenPolicies`	`java.util.List<java.lang.String>`	Generated Token's Policies.
`tokenTtl`	`java.lang.Number`	The initial ttl of the token to generate in seconds.
`tokenType`	`java.lang.String`	The type of token to generate, service or batch.
`userClaimJsonPointer`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Specifies if the user_claim value uses JSON pointer syntax for referencing claims.
`verboseOidcLogging`	`java.lang.Boolean OR com.hashicorp.cdktf.IResolvable`	Log received OIDC tokens and claims when debug-level logging is active.

`connection`^Optional

public java.lang.Object getConnection();

Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

`count`^Optional

public java.lang.Object getCount();

Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

`dependsOn`^Optional

public java.util.List<ITerraformDependable> getDependsOn();

Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

`forEach`^Optional

public ITerraformIterator getForEach();

Type: com.hashicorp.cdktf.ITerraformIterator

`lifecycle`^Optional

public TerraformResourceLifecycle getLifecycle();

Type: com.hashicorp.cdktf.TerraformResourceLifecycle

`provider`^Optional

public TerraformProvider getProvider();

Type: com.hashicorp.cdktf.TerraformProvider

`provisioners`^Optional

public java.lang.Object getProvisioners();

Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

`roleName`^Required

public java.lang.String getRoleName();

Type: java.lang.String

Name of the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#role_name JwtAuthBackendRole#role_name}

`userClaim`^Required

public java.lang.String getUserClaim();

Type: java.lang.String

The claim to use to uniquely identify the user;

this will be used as the name for the Identity entity alias created due to a successful login.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#user_claim JwtAuthBackendRole#user_claim}

`allowedRedirectUris`^Optional

public java.util.List<java.lang.String> getAllowedRedirectUris();

Type: java.util.List<java.lang.String>

The list of allowed values for redirect_uri during OIDC logins.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#allowed_redirect_uris JwtAuthBackendRole#allowed_redirect_uris}

`backend`^Optional

public java.lang.String getBackend();

Type: java.lang.String

Unique name of the auth backend to configure.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#backend JwtAuthBackendRole#backend}

`boundAudiences`^Optional

public java.util.List<java.lang.String> getBoundAudiences();

Type: java.util.List<java.lang.String>

List of aud claims to match against. Any match is sufficient.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_audiences JwtAuthBackendRole#bound_audiences}

`boundClaims`^Optional

public java.util.Map<java.lang.String, java.lang.String> getBoundClaims();

Type: java.util.Map<java.lang.String, java.lang.String>

Map of claims/values to match against. The expected value may be a single string or a comma-separated string list.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_claims JwtAuthBackendRole#bound_claims}

`boundClaimsType`^Optional

public java.lang.String getBoundClaimsType();

Type: java.lang.String

How to interpret values in the claims/values map: can be either "string" (exact match) or "glob" (wildcard match).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_claims_type JwtAuthBackendRole#bound_claims_type}

`boundSubject`^Optional

public java.lang.String getBoundSubject();

Type: java.lang.String

If set, requires that the sub claim matches this value.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#bound_subject JwtAuthBackendRole#bound_subject}

`claimMappings`^Optional

public java.util.Map<java.lang.String, java.lang.String> getClaimMappings();

Type: java.util.Map<java.lang.String, java.lang.String>

Map of claims (keys) to be copied to specified metadata fields (values).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#claim_mappings JwtAuthBackendRole#claim_mappings}

`clockSkewLeeway`^Optional

public java.lang.Number getClockSkewLeeway();

Type: java.lang.Number

The amount of leeway to add to all claims to account for clock skew, in seconds.

Defaults to 60 seconds if set to 0 and can be disabled if set to -1. Only applicable with 'jwt' roles.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#clock_skew_leeway JwtAuthBackendRole#clock_skew_leeway}

`disableBoundClaimsParsing`^Optional

public java.lang.Object getDisableBoundClaimsParsing();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Disable bound claim value parsing. Useful when values contain commas.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#disable_bound_claims_parsing JwtAuthBackendRole#disable_bound_claims_parsing}

`expirationLeeway`^Optional

public java.lang.Number getExpirationLeeway();

Type: java.lang.Number

The amount of leeway to add to expiration (exp) claims to account for clock skew, in seconds.

Defaults to 150 seconds if set to 0 and can be disabled if set to -1. Only applicable with 'jwt' roles.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#expiration_leeway JwtAuthBackendRole#expiration_leeway}

`groupsClaim`^Optional

public java.lang.String getGroupsClaim();

Type: java.lang.String

The claim to use to uniquely identify the set of groups to which the user belongs;

this will be used as the names for the Identity group aliases created due to a successful login. The claim value must be a list of strings.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#groups_claim JwtAuthBackendRole#groups_claim}

`id`^Optional

public java.lang.String getId();

Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#id JwtAuthBackendRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

`maxAge`^Optional

public java.lang.Number getMaxAge();

Type: java.lang.Number

Specifies the allowable elapsed time in seconds since the last time the user was actively authenticated.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#max_age JwtAuthBackendRole#max_age}

`namespace`^Optional

public java.lang.String getNamespace();

Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#namespace JwtAuthBackendRole#namespace}

`notBeforeLeeway`^Optional

public java.lang.Number getNotBeforeLeeway();

Type: java.lang.Number

The amount of leeway to add to not before (nbf) claims to account for clock skew, in seconds.

Defaults to 150 seconds if set to 0 and can be disabled if set to -1. Only applicable with 'jwt' roles.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#not_before_leeway JwtAuthBackendRole#not_before_leeway}

`oidcScopes`^Optional

public java.util.List<java.lang.String> getOidcScopes();

Type: java.util.List<java.lang.String>

List of OIDC scopes to be used with an OIDC role.

The standard scope "openid" is automatically included and need not be specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#oidc_scopes JwtAuthBackendRole#oidc_scopes}

`roleType`^Optional

public java.lang.String getRoleType();

Type: java.lang.String

Type of role, either "oidc" (default) or "jwt".

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#role_type JwtAuthBackendRole#role_type}

`tokenBoundCidrs`^Optional

public java.util.List<java.lang.String> getTokenBoundCidrs();

Type: java.util.List<java.lang.String>

Specifies the blocks of IP addresses which are allowed to use the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_bound_cidrs JwtAuthBackendRole#token_bound_cidrs}

`tokenExplicitMaxTtl`^Optional

public java.lang.Number getTokenExplicitMaxTtl();

Type: java.lang.Number

Generated Token's Explicit Maximum TTL in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_explicit_max_ttl JwtAuthBackendRole#token_explicit_max_ttl}

`tokenMaxTtl`^Optional

public java.lang.Number getTokenMaxTtl();

Type: java.lang.Number

The maximum lifetime of the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_max_ttl JwtAuthBackendRole#token_max_ttl}

`tokenNoDefaultPolicy`^Optional

public java.lang.Object getTokenNoDefaultPolicy();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, the 'default' policy will not automatically be added to generated tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_no_default_policy JwtAuthBackendRole#token_no_default_policy}

`tokenNumUses`^Optional

public java.lang.Number getTokenNumUses();

Type: java.lang.Number

The maximum number of times a token may be used, a value of zero means unlimited.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_num_uses JwtAuthBackendRole#token_num_uses}

`tokenPeriod`^Optional

public java.lang.Number getTokenPeriod();

Type: java.lang.Number

Generated Token's Period.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_period JwtAuthBackendRole#token_period}

`tokenPolicies`^Optional

public java.util.List<java.lang.String> getTokenPolicies();

Type: java.util.List<java.lang.String>

Generated Token's Policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_policies JwtAuthBackendRole#token_policies}

`tokenTtl`^Optional

public java.lang.Number getTokenTtl();

Type: java.lang.Number

The initial ttl of the token to generate in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_ttl JwtAuthBackendRole#token_ttl}

`tokenType`^Optional

public java.lang.String getTokenType();

Type: java.lang.String

The type of token to generate, service or batch.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#token_type JwtAuthBackendRole#token_type}

`userClaimJsonPointer`^Optional

public java.lang.Object getUserClaimJsonPointer();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Specifies if the user_claim value uses JSON pointer syntax for referencing claims.

By default, the user_claim value will not use JSON pointer.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#user_claim_json_pointer JwtAuthBackendRole#user_claim_json_pointer}

`verboseOidcLogging`^Optional

public java.lang.Object getVerboseOidcLogging();

Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Log received OIDC tokens and claims when debug-level logging is active.

Not recommended in production since sensitive information may be present in OIDC responses.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.5.0/docs/resources/jwt_auth_backend_role#verbose_oidc_logging JwtAuthBackendRole#verbose_oidc_logging}

Files

jwtAuthBackendRole.java.md

Latest commit

History

jwtAuthBackendRole.java.md

File metadata and controls

jwtAuthBackendRole Submodule

Constructs