case class Role(bindSecretId: Boolean = true, secretIdBoundCidrs: List[String] = List.empty, secretIdNumUses: Int = 0, secretIdTtl: Duration = Duration.Undefined, tokenPolicies: List[String] = List.empty, tokenTtl: Duration = Duration.Undefined, tokenMaxTtl: Duration = Duration.Undefined, tokenExplicitMaxTtl: Duration = Duration.Undefined, tokenPeriod: Duration = Duration.Undefined, tokenBoundCidrs: List[String] = List.empty, tokenNumUses: Int = 0, tokenNoDefaultPolicy: Boolean = false, tokenType: TokenType = TokenType.Service, enableLocalSecretIds: Boolean = false) extends Product with Serializable
- bindSecretId
Require secret_id to be presented when logging in using this AppRole.
- secretIdBoundCidrs
list of CIDR blocks; if set, specifies blocks of IP addresses which can perform the login operation.
- secretIdNumUses
Number of times any particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire. A value of zero will allow unlimited uses.
- secretIdTtl
Duration in either an integer number of seconds (3600) or an integer time unit (60m) after which any SecretID expires.
- tokenPolicies
list of policies set on tokens issued via this AppRole.
- tokenTtl
Duration in either an integer number of seconds (3600) or an integer time unit (60m) to set as the TTL for issued tokens and at renewal time.
- tokenMaxTtl
Duration in either an integer number of seconds (3600) or an integer time unit (60m) after which the issued token can no longer be renewed.
- tokenExplicitMaxTtl
If set, will encode an explicit max TTL onto the token. This is a hard cap even if token_ttl and token_max_ttl would otherwise allow a renewal.
- tokenPeriod
Duration in either an integer number of seconds (3600) or an integer time unit (60m). If set, the token generated using this AppRole is a periodic token; so long as it is renewed it never expires, but the TTL set on the token at each renewal is fixed to the value specified here. If this value is modified, the token will pick up the new value at its next renewal.
- tokenBoundCidrs
list of CIDR blocks; if set, specifies blocks of IP addresses which can use the auth tokens generated by this role.
- tokenNumUses
Number of times issued tokens can be used. A value of 0 means unlimited uses.
- tokenNoDefaultPolicy
If set, the
default
policy will not be set on generated tokens; otherwise it will be added to the policies set intokenPolicies
.- tokenType
The type of token that should be generated via this role. Can be service, batch, or default to use the mount's default (which unless changed will be service tokens).
- enableLocalSecretIds
If set, the secret IDs generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later.
- Source
- Role.scala
- Alphabetic
- By Inheritance
- Role
- Serializable
- Product
- Equals
- AnyRef
- Any
- by StringFormat
- by Ensuring
- by ArrowAssoc
- Hide All
- Show All
- Public
- Protected
Instance Constructors
- new Role(bindSecretId: Boolean = true, secretIdBoundCidrs: List[String] = List.empty, secretIdNumUses: Int = 0, secretIdTtl: Duration = Duration.Undefined, tokenPolicies: List[String] = List.empty, tokenTtl: Duration = Duration.Undefined, tokenMaxTtl: Duration = Duration.Undefined, tokenExplicitMaxTtl: Duration = Duration.Undefined, tokenPeriod: Duration = Duration.Undefined, tokenBoundCidrs: List[String] = List.empty, tokenNumUses: Int = 0, tokenNoDefaultPolicy: Boolean = false, tokenType: TokenType = TokenType.Service, enableLocalSecretIds: Boolean = false)
- bindSecretId
Require secret_id to be presented when logging in using this AppRole.
- secretIdBoundCidrs
list of CIDR blocks; if set, specifies blocks of IP addresses which can perform the login operation.
- secretIdNumUses
Number of times any particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire. A value of zero will allow unlimited uses.
- secretIdTtl
Duration in either an integer number of seconds (3600) or an integer time unit (60m) after which any SecretID expires.
- tokenPolicies
list of policies set on tokens issued via this AppRole.
- tokenTtl
Duration in either an integer number of seconds (3600) or an integer time unit (60m) to set as the TTL for issued tokens and at renewal time.
- tokenMaxTtl
Duration in either an integer number of seconds (3600) or an integer time unit (60m) after which the issued token can no longer be renewed.
- tokenExplicitMaxTtl
If set, will encode an explicit max TTL onto the token. This is a hard cap even if token_ttl and token_max_ttl would otherwise allow a renewal.
- tokenPeriod
Duration in either an integer number of seconds (3600) or an integer time unit (60m). If set, the token generated using this AppRole is a periodic token; so long as it is renewed it never expires, but the TTL set on the token at each renewal is fixed to the value specified here. If this value is modified, the token will pick up the new value at its next renewal.
- tokenBoundCidrs
list of CIDR blocks; if set, specifies blocks of IP addresses which can use the auth tokens generated by this role.
- tokenNumUses
Number of times issued tokens can be used. A value of 0 means unlimited uses.
- tokenNoDefaultPolicy
If set, the
default
policy will not be set on generated tokens; otherwise it will be added to the policies set intokenPolicies
.- tokenType
The type of token that should be generated via this role. Can be service, batch, or default to use the mount's default (which unless changed will be service tokens).
- enableLocalSecretIds
If set, the secret IDs generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later.
Value Members
- final def !=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def ##: Int
- Definition Classes
- AnyRef → Any
- def ->[B](y: B): (Role, B)
- final def ==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def asInstanceOf[T0]: T0
- Definition Classes
- Any
- val bindSecretId: Boolean
- def clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.CloneNotSupportedException]) @native()
- val enableLocalSecretIds: Boolean
- def ensuring(cond: (Role) => Boolean, msg: => Any): Role
- def ensuring(cond: (Role) => Boolean): Role
- def ensuring(cond: Boolean, msg: => Any): Role
- def ensuring(cond: Boolean): Role
- final def eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- def finalize(): Unit
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.Throwable])
- def formatted(fmtstr: String): String
- final def getClass(): Class[_ <: AnyRef]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
- final def isInstanceOf[T0]: Boolean
- Definition Classes
- Any
- final def ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- final def notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- final def notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- def productElementNames: Iterator[String]
- Definition Classes
- Product
- val secretIdBoundCidrs: List[String]
- val secretIdNumUses: Int
- val secretIdTtl: Duration
- final def synchronized[T0](arg0: => T0): T0
- Definition Classes
- AnyRef
- val tokenBoundCidrs: List[String]
- val tokenExplicitMaxTtl: Duration
- val tokenMaxTtl: Duration
- val tokenNoDefaultPolicy: Boolean
- val tokenNumUses: Int
- val tokenPeriod: Duration
- val tokenPolicies: List[String]
- val tokenTtl: Duration
- val tokenType: TokenType
- final def wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException]) @native()
Deprecated Value Members
- def →[B](y: B): (Role, B)
- Implicit
- This member is added by an implicit conversion from Role toArrowAssoc[Role] performed by method ArrowAssoc in scala.Predef.
- Definition Classes
- ArrowAssoc
- Annotations
- @deprecated
- Deprecated
(Since version 2.13.0) Use
->
instead. If you still wish to display it as one character, consider using a font with programming ligatures such as Fira Code.