tokenAuthBackendRole.typescript.md

tokenAuthBackendRole Submodule

Constructs

TokenAuthBackendRole

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role vault_token_auth_backend_role}.

Initializers

import { tokenAuthBackendRole } from '@cdktf/provider-vault'

new tokenAuthBackendRole.TokenAuthBackendRole(scope: Construct, id: string, config: TokenAuthBackendRoleConfig)

Name	Type	Description
scope	constructs.Construct	The scope in which to define this construct.
id	string	The scoped construct ID.
config	TokenAuthBackendRoleConfig	No description.

---

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: string

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

config^Required

• Type: TokenAuthBackendRoleConfig

---

Methods

Name	Description
toString	Returns a string representation of this construct.
addOverride	No description.
overrideLogicalId	Overrides the auto-generated logical ID with a specific ID.
resetOverrideLogicalId	Resets a previously passed logical Id to use the auto-generated logical id again.
toHclTerraform	No description.
toMetadata	No description.
toTerraform	Adds this resource to the terraform JSON output.
addMoveTarget	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
getAnyMapAttribute	No description.
getBooleanAttribute	No description.
getBooleanMapAttribute	No description.
getListAttribute	No description.
getNumberAttribute	No description.
getNumberListAttribute	No description.
getNumberMapAttribute	No description.
getStringAttribute	No description.
getStringMapAttribute	No description.
hasResourceMove	No description.
importFrom	No description.
interpolationForAttribute	No description.
moveFromId	Move the resource corresponding to "id" to this resource.
moveTo	Moves this resource to the target resource given by moveTarget.
moveToId	Moves this resource to the resource corresponding to "id".
resetAllowedEntityAliases	No description.
resetAllowedPolicies	No description.
resetAllowedPoliciesGlob	No description.
resetDisallowedPolicies	No description.
resetDisallowedPoliciesGlob	No description.
resetId	No description.
resetNamespace	No description.
resetOrphan	No description.
resetPathSuffix	No description.
resetRenewable	No description.
resetTokenBoundCidrs	No description.
resetTokenExplicitMaxTtl	No description.
resetTokenMaxTtl	No description.
resetTokenNoDefaultPolicy	No description.
resetTokenNumUses	No description.
resetTokenPeriod	No description.
resetTokenPolicies	No description.
resetTokenTtl	No description.
resetTokenType	No description.

---

toString

public toString(): string

Returns a string representation of this construct.

addOverride

public addOverride(path: string, value: any): void

path^Required

• Type: string

---

value^Required

• Type: any

---

overrideLogicalId

public overrideLogicalId(newLogicalId: string): void

Overrides the auto-generated logical ID with a specific ID.

newLogicalId^Required

• Type: string

The new logical ID to use for this stack element.

---

resetOverrideLogicalId

public resetOverrideLogicalId(): void

Resets a previously passed logical Id to use the auto-generated logical id again.

toHclTerraform

public toHclTerraform(): any

toMetadata

public toMetadata(): any

toTerraform

public toTerraform(): any

Adds this resource to the terraform JSON output.

addMoveTarget

public addMoveTarget(moveTarget: string): void

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

moveTarget^Required

• Type: string

The string move target that will correspond to this resource.

---

getAnyMapAttribute

public getAnyMapAttribute(terraformAttribute: string): {[ key: string ]: any}

terraformAttribute^Required

• Type: string

---

getBooleanAttribute

public getBooleanAttribute(terraformAttribute: string): IResolvable

terraformAttribute^Required

• Type: string

---

getBooleanMapAttribute

public getBooleanMapAttribute(terraformAttribute: string): {[ key: string ]: boolean}

terraformAttribute^Required

• Type: string

---

getListAttribute

public getListAttribute(terraformAttribute: string): string[]

terraformAttribute^Required

• Type: string

---

getNumberAttribute

public getNumberAttribute(terraformAttribute: string): number

terraformAttribute^Required

• Type: string

---

getNumberListAttribute

public getNumberListAttribute(terraformAttribute: string): number[]

terraformAttribute^Required

• Type: string

---

getNumberMapAttribute

public getNumberMapAttribute(terraformAttribute: string): {[ key: string ]: number}

terraformAttribute^Required

• Type: string

---

getStringAttribute

public getStringAttribute(terraformAttribute: string): string

terraformAttribute^Required

• Type: string

---

getStringMapAttribute

public getStringMapAttribute(terraformAttribute: string): {[ key: string ]: string}

terraformAttribute^Required

• Type: string

---

hasResourceMove

public hasResourceMove(): TerraformResourceMoveByTarget | TerraformResourceMoveById

importFrom

public importFrom(id: string, provider?: TerraformProvider): void

id^Required

• Type: string

---

provider^Optional

• Type: cdktf.TerraformProvider

---

interpolationForAttribute

public interpolationForAttribute(terraformAttribute: string): IResolvable

terraformAttribute^Required

• Type: string

---

moveFromId

public moveFromId(id: string): void

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

id^Required

• Type: string

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

---

moveTo

public moveTo(moveTarget: string, index?: string | number): void

Moves this resource to the target resource given by moveTarget.

moveTarget^Required

• Type: string

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

---

index^Optional

• Type: string | number

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

---

moveToId

public moveToId(id: string): void

Moves this resource to the resource corresponding to "id".

id^Required

• Type: string

Full id of resource to move to, e.g. "aws_s3_bucket.example".

---

resetAllowedEntityAliases

public resetAllowedEntityAliases(): void

resetAllowedPolicies

public resetAllowedPolicies(): void

resetAllowedPoliciesGlob

public resetAllowedPoliciesGlob(): void

resetDisallowedPolicies

public resetDisallowedPolicies(): void

resetDisallowedPoliciesGlob

public resetDisallowedPoliciesGlob(): void

resetId

public resetId(): void

resetNamespace

public resetNamespace(): void

resetOrphan

public resetOrphan(): void

resetPathSuffix

public resetPathSuffix(): void

resetRenewable

public resetRenewable(): void

resetTokenBoundCidrs

public resetTokenBoundCidrs(): void

resetTokenExplicitMaxTtl

public resetTokenExplicitMaxTtl(): void

resetTokenMaxTtl

public resetTokenMaxTtl(): void

resetTokenNoDefaultPolicy

public resetTokenNoDefaultPolicy(): void

resetTokenNumUses

public resetTokenNumUses(): void

resetTokenPeriod

public resetTokenPeriod(): void

resetTokenPolicies

public resetTokenPolicies(): void

resetTokenTtl

public resetTokenTtl(): void

resetTokenType

public resetTokenType(): void

Static Functions

Name	Description
isConstruct	Checks if x is a construct.
isTerraformElement	No description.
isTerraformResource	No description.
generateConfigForImport	Generates CDKTF code for importing a TokenAuthBackendRole resource upon running "cdktf plan ".

---

isConstruct

import { tokenAuthBackendRole } from '@cdktf/provider-vault'

tokenAuthBackendRole.TokenAuthBackendRole.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: any

Any object.

---

isTerraformElement

import { tokenAuthBackendRole } from '@cdktf/provider-vault'

tokenAuthBackendRole.TokenAuthBackendRole.isTerraformElement(x: any)

x^Required

• Type: any

---

isTerraformResource

import { tokenAuthBackendRole } from '@cdktf/provider-vault'

tokenAuthBackendRole.TokenAuthBackendRole.isTerraformResource(x: any)

x^Required

• Type: any

---

generateConfigForImport

import { tokenAuthBackendRole } from '@cdktf/provider-vault'

tokenAuthBackendRole.TokenAuthBackendRole.generateConfigForImport(scope: Construct, importToId: string, importFromId: string, provider?: TerraformProvider)

Generates CDKTF code for importing a TokenAuthBackendRole resource upon running "cdktf plan ".

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

importToId^Required

• Type: string

The construct id used in the generated config for the TokenAuthBackendRole to import.

---

importFromId^Required

• Type: string

The id of the existing TokenAuthBackendRole that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: cdktf.TerraformProvider

? Optional instance of the provider where the TokenAuthBackendRole to import is found.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
cdktfStack	cdktf.TerraformStack	No description.
fqn	string	No description.
friendlyUniqueId	string	No description.
terraformMetaArguments	{[ key: string ]: any}	No description.
terraformResourceType	string	No description.
terraformGeneratorMetadata	cdktf.TerraformProviderGeneratorMetadata	No description.
connection	cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection	No description.
count	number | cdktf.TerraformCount	No description.
dependsOn	string[]	No description.
forEach	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]	No description.
allowedEntityAliasesInput	string[]	No description.
allowedPoliciesGlobInput	string[]	No description.
allowedPoliciesInput	string[]	No description.
disallowedPoliciesGlobInput	string[]	No description.
disallowedPoliciesInput	string[]	No description.
idInput	string	No description.
namespaceInput	string	No description.
orphanInput	boolean | cdktf.IResolvable	No description.
pathSuffixInput	string	No description.
renewableInput	boolean | cdktf.IResolvable	No description.
roleNameInput	string	No description.
tokenBoundCidrsInput	string[]	No description.
tokenExplicitMaxTtlInput	number	No description.
tokenMaxTtlInput	number	No description.
tokenNoDefaultPolicyInput	boolean | cdktf.IResolvable	No description.
tokenNumUsesInput	number	No description.
tokenPeriodInput	number	No description.
tokenPoliciesInput	string[]	No description.
tokenTtlInput	number	No description.
tokenTypeInput	string	No description.
allowedEntityAliases	string[]	No description.
allowedPolicies	string[]	No description.
allowedPoliciesGlob	string[]	No description.
disallowedPolicies	string[]	No description.
disallowedPoliciesGlob	string[]	No description.
id	string	No description.
namespace	string	No description.
orphan	boolean | cdktf.IResolvable	No description.
pathSuffix	string	No description.
renewable	boolean | cdktf.IResolvable	No description.
roleName	string	No description.
tokenBoundCidrs	string[]	No description.
tokenExplicitMaxTtl	number	No description.
tokenMaxTtl	number	No description.
tokenNoDefaultPolicy	boolean | cdktf.IResolvable	No description.
tokenNumUses	number	No description.
tokenPeriod	number	No description.
tokenPolicies	string[]	No description.
tokenTtl	number	No description.
tokenType	string	No description.

---

node^Required

public readonly node: Node;

• Type: constructs.Node

The tree node.

---

cdktfStack^Required

public readonly cdktfStack: TerraformStack;

• Type: cdktf.TerraformStack

---

fqn^Required

public readonly fqn: string;

• Type: string

---

friendlyUniqueId^Required

public readonly friendlyUniqueId: string;

• Type: string

---

terraformMetaArguments^Required

public readonly terraformMetaArguments: {[ key: string ]: any};

• Type: {[ key: string ]: any}

---

terraformResourceType^Required

public readonly terraformResourceType: string;

• Type: string

---

terraformGeneratorMetadata^Optional

public readonly terraformGeneratorMetadata: TerraformProviderGeneratorMetadata;

• Type: cdktf.TerraformProviderGeneratorMetadata

---

connection^Optional

public readonly connection: SSHProvisionerConnection | WinrmProvisionerConnection;

• Type: cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection

---

count^Optional

public readonly count: number | TerraformCount;

• Type: number | cdktf.TerraformCount

---

dependsOn^Optional

public readonly dependsOn: string[];

• Type: string[]

---

forEach^Optional

public readonly forEach: ITerraformIterator;

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

public readonly lifecycle: TerraformResourceLifecycle;

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

public readonly provider: TerraformProvider;

• Type: cdktf.TerraformProvider

---

provisioners^Optional

public readonly provisioners: FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner[];

• Type: cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]

---

allowedEntityAliasesInput^Optional

public readonly allowedEntityAliasesInput: string[];

• Type: string[]

---

allowedPoliciesGlobInput^Optional

public readonly allowedPoliciesGlobInput: string[];

• Type: string[]

---

allowedPoliciesInput^Optional

public readonly allowedPoliciesInput: string[];

• Type: string[]

---

disallowedPoliciesGlobInput^Optional

public readonly disallowedPoliciesGlobInput: string[];

• Type: string[]

---

disallowedPoliciesInput^Optional

public readonly disallowedPoliciesInput: string[];

• Type: string[]

---

idInput^Optional

public readonly idInput: string;

• Type: string

---

namespaceInput^Optional

public readonly namespaceInput: string;

• Type: string

---

orphanInput^Optional

public readonly orphanInput: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

---

pathSuffixInput^Optional

public readonly pathSuffixInput: string;

• Type: string

---

renewableInput^Optional

public readonly renewableInput: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

---

roleNameInput^Optional

public readonly roleNameInput: string;

• Type: string

---

tokenBoundCidrsInput^Optional

public readonly tokenBoundCidrsInput: string[];

• Type: string[]

---

tokenExplicitMaxTtlInput^Optional

public readonly tokenExplicitMaxTtlInput: number;

• Type: number

---

tokenMaxTtlInput^Optional

public readonly tokenMaxTtlInput: number;

• Type: number

---

tokenNoDefaultPolicyInput^Optional

public readonly tokenNoDefaultPolicyInput: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

---

tokenNumUsesInput^Optional

public readonly tokenNumUsesInput: number;

• Type: number

---

tokenPeriodInput^Optional

public readonly tokenPeriodInput: number;

• Type: number

---

tokenPoliciesInput^Optional

public readonly tokenPoliciesInput: string[];

• Type: string[]

---

tokenTtlInput^Optional

public readonly tokenTtlInput: number;

• Type: number

---

tokenTypeInput^Optional

public readonly tokenTypeInput: string;

• Type: string

---

allowedEntityAliases^Required

public readonly allowedEntityAliases: string[];

• Type: string[]

---

allowedPolicies^Required

public readonly allowedPolicies: string[];

• Type: string[]

---

allowedPoliciesGlob^Required

public readonly allowedPoliciesGlob: string[];

• Type: string[]

---

disallowedPolicies^Required

public readonly disallowedPolicies: string[];

• Type: string[]

---

disallowedPoliciesGlob^Required

public readonly disallowedPoliciesGlob: string[];

• Type: string[]

---

id^Required

public readonly id: string;

• Type: string

---

namespace^Required

public readonly namespace: string;

• Type: string

---

orphan^Required

public readonly orphan: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

---

pathSuffix^Required

public readonly pathSuffix: string;

• Type: string

---

renewable^Required

public readonly renewable: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

---

roleName^Required

public readonly roleName: string;

• Type: string

---

tokenBoundCidrs^Required

public readonly tokenBoundCidrs: string[];

• Type: string[]

---

tokenExplicitMaxTtl^Required

public readonly tokenExplicitMaxTtl: number;

• Type: number

---

tokenMaxTtl^Required

public readonly tokenMaxTtl: number;

• Type: number

---

tokenNoDefaultPolicy^Required

public readonly tokenNoDefaultPolicy: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

---

tokenNumUses^Required

public readonly tokenNumUses: number;

• Type: number

---

tokenPeriod^Required

public readonly tokenPeriod: number;

• Type: number

---

tokenPolicies^Required

public readonly tokenPolicies: string[];

• Type: string[]

---

tokenTtl^Required

public readonly tokenTtl: number;

• Type: number

---

tokenType^Required

public readonly tokenType: string;

• Type: string

---

Constants

Name	Type	Description
tfResourceType	string	No description.

---

tfResourceType^Required

public readonly tfResourceType: string;

• Type: string

---

Structs

TokenAuthBackendRoleConfig

Initializer

import { tokenAuthBackendRole } from '@cdktf/provider-vault'

const tokenAuthBackendRoleConfig: tokenAuthBackendRole.TokenAuthBackendRoleConfig = { ... }

Properties

Name	Type	Description
connection	cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection	No description.
count	number | cdktf.TerraformCount	No description.
dependsOn	cdktf.ITerraformDependable[]	No description.
forEach	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]	No description.
roleName	string	Name of the role.
allowedEntityAliases	string[]	Set of allowed entity aliases for this role.
allowedPolicies	string[]	List of allowed policies for given role.
allowedPoliciesGlob	string[]	Set of allowed policies with glob match for given role.
disallowedPolicies	string[]	List of disallowed policies for given role.
disallowedPoliciesGlob	string[]	Set of disallowed policies with glob match for given role.
id	string	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#id TokenAuthBackendRole#id}.
namespace	string	Target namespace. (requires Enterprise).
orphan	boolean | cdktf.IResolvable	If true, tokens created against this policy will be orphan tokens.
pathSuffix	string	Tokens created against this role will have the given suffix as part of their path in addition to the role name.
renewable	boolean | cdktf.IResolvable	Whether to disable the ability of the token to be renewed past its initial TTL.
tokenBoundCidrs	string[]	Specifies the blocks of IP addresses which are allowed to use the generated token.
tokenExplicitMaxTtl	number	Generated Token's Explicit Maximum TTL in seconds.
tokenMaxTtl	number	The maximum lifetime of the generated token.
tokenNoDefaultPolicy	boolean | cdktf.IResolvable	If true, the 'default' policy will not automatically be added to generated tokens.
tokenNumUses	number	The maximum number of times a token may be used, a value of zero means unlimited.
tokenPeriod	number	Generated Token's Period.
tokenPolicies	string[]	Generated Token's Policies.
tokenTtl	number	The initial ttl of the token to generate in seconds.
tokenType	string	The type of token to generate, service or batch.

---

connection^Optional

public readonly connection: SSHProvisionerConnection | WinrmProvisionerConnection;

• Type: cdktf.SSHProvisionerConnection | cdktf.WinrmProvisionerConnection

---

count^Optional

public readonly count: number | TerraformCount;

• Type: number | cdktf.TerraformCount

---

dependsOn^Optional

public readonly dependsOn: ITerraformDependable[];

• Type: cdktf.ITerraformDependable[]

---

forEach^Optional

public readonly forEach: ITerraformIterator;

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

public readonly lifecycle: TerraformResourceLifecycle;

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

public readonly provider: TerraformProvider;

• Type: cdktf.TerraformProvider

---

provisioners^Optional

public readonly provisioners: FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner[];

• Type: cdktf.FileProvisioner | cdktf.LocalExecProvisioner | cdktf.RemoteExecProvisioner[]

---

roleName^Required

public readonly roleName: string;

• Type: string

Name of the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#role_name TokenAuthBackendRole#role_name}

---

allowedEntityAliases^Optional

public readonly allowedEntityAliases: string[];

• Type: string[]

Set of allowed entity aliases for this role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#allowed_entity_aliases TokenAuthBackendRole#allowed_entity_aliases}

---

allowedPolicies^Optional

public readonly allowedPolicies: string[];

• Type: string[]

List of allowed policies for given role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#allowed_policies TokenAuthBackendRole#allowed_policies}

---

allowedPoliciesGlob^Optional

public readonly allowedPoliciesGlob: string[];

• Type: string[]

Set of allowed policies with glob match for given role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#allowed_policies_glob TokenAuthBackendRole#allowed_policies_glob}

---

disallowedPolicies^Optional

public readonly disallowedPolicies: string[];

• Type: string[]

List of disallowed policies for given role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#disallowed_policies TokenAuthBackendRole#disallowed_policies}

---

disallowedPoliciesGlob^Optional

public readonly disallowedPoliciesGlob: string[];

• Type: string[]

Set of disallowed policies with glob match for given role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#disallowed_policies_glob TokenAuthBackendRole#disallowed_policies_glob}

---

id^Optional

public readonly id: string;

• Type: string

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#id TokenAuthBackendRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

namespace^Optional

public readonly namespace: string;

• Type: string

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#namespace TokenAuthBackendRole#namespace}

---

orphan^Optional

public readonly orphan: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

If true, tokens created against this policy will be orphan tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#orphan TokenAuthBackendRole#orphan}

---

pathSuffix^Optional

public readonly pathSuffix: string;

• Type: string

Tokens created against this role will have the given suffix as part of their path in addition to the role name.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#path_suffix TokenAuthBackendRole#path_suffix}

---

renewable^Optional

public readonly renewable: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

Whether to disable the ability of the token to be renewed past its initial TTL.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#renewable TokenAuthBackendRole#renewable}

---

tokenBoundCidrs^Optional

public readonly tokenBoundCidrs: string[];

• Type: string[]

Specifies the blocks of IP addresses which are allowed to use the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_bound_cidrs TokenAuthBackendRole#token_bound_cidrs}

---

tokenExplicitMaxTtl^Optional

public readonly tokenExplicitMaxTtl: number;

• Type: number

Generated Token's Explicit Maximum TTL in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_explicit_max_ttl TokenAuthBackendRole#token_explicit_max_ttl}

---

tokenMaxTtl^Optional

public readonly tokenMaxTtl: number;

• Type: number

The maximum lifetime of the generated token.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_max_ttl TokenAuthBackendRole#token_max_ttl}

---

tokenNoDefaultPolicy^Optional

public readonly tokenNoDefaultPolicy: boolean | IResolvable;

• Type: boolean | cdktf.IResolvable

If true, the 'default' policy will not automatically be added to generated tokens.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_no_default_policy TokenAuthBackendRole#token_no_default_policy}

---

tokenNumUses^Optional

public readonly tokenNumUses: number;

• Type: number

The maximum number of times a token may be used, a value of zero means unlimited.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_num_uses TokenAuthBackendRole#token_num_uses}

---

tokenPeriod^Optional

public readonly tokenPeriod: number;

• Type: number

Generated Token's Period.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_period TokenAuthBackendRole#token_period}

---

tokenPolicies^Optional

public readonly tokenPolicies: string[];

• Type: string[]

Generated Token's Policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_policies TokenAuthBackendRole#token_policies}

---

tokenTtl^Optional

public readonly tokenTtl: number;

• Type: number

The initial ttl of the token to generate in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_ttl TokenAuthBackendRole#token_ttl}

---

tokenType^Optional

public readonly tokenType: string;

• Type: string

The type of token to generate, service or batch.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.6.0/docs/resources/token_auth_backend_role#token_type TokenAuthBackendRole#token_type}

---