Module io.helidon.integrations.vault.auths.k8s
Package io.helidon.integrations.vault.auths.k8s

Class CreateRole.Request

java.lang.Object
io.helidon.integrations.common.rest.ApiJsonBuilder<CreateRole.Request>
io.helidon.integrations.common.rest.ApiJsonRequest<CreateRole.Request>
io.helidon.integrations.vault.VaultRequest<CreateRole.Request>
io.helidon.integrations.vault.auths.k8s.CreateRole.Request
All Implemented Interfaces:
ApiRequest<CreateRole.Request>
Enclosing class:
CreateRole
public static class CreateRole.Request extends VaultRequest<CreateRole.Request>
Request object. Can be configured with additional headers, query parameters etc.

  • Method Details

    • builder

      public static CreateRole.Request builder()
      Fluent API builder for configuring a request. The request builder is passed as is, without a build method. The equivalent of a build method is ApiJsonBuilder.toJson(jakarta.json.JsonBuilderFactory) used by the RestApi.
      Returns:
      new request builder

    • addBoundServiceAccountName

      public CreateRole.Request addBoundServiceAccountName(String serviceAccountName)
      Add a service account name able to access this role. If set to "*" all names are allowed, both this and addBoundServiceAccountNamespace(String) can not be "*".
      Parameters:
      serviceAccountName - service account name
      Returns:
      updated request

    • addBoundServiceAccountNamespace

      public CreateRole.Request addBoundServiceAccountNamespace(String serviceAccountNamespace)
      Add a namespace allowed to access this role. If set to "*" all namespaces are allowed, both this and addBoundServiceAccountName(String) can not be set to "*".
      Parameters:
      serviceAccountNamespace - service account namespace
      Returns:
      updated request

    • audience

      public CreateRole.Request audience(String audience)
      Optional Audience claim to verify in the JWT.
      Parameters:
      audience - audience
      Returns:
      updated request

    • tokenTtl

      public CreateRole.Request tokenTtl(int ttl)
      The incremental lifetime for generated tokens. This current value of this will be referenced at renewal time.
      Parameters:
      ttl - time to live
      Returns:
      updated request

    • tokenMaxTtl

      public CreateRole.Request tokenMaxTtl(int ttl)
      The maximum lifetime for generated tokens. This current value of this will be referenced at renewal time.
      Parameters:
      ttl - time to live
      Returns:
      updated request

    • addTokenPolicy

      public CreateRole.Request addTokenPolicy(String policy)
      Add a policy to encode on the generated token.
      Parameters:
      policy - policy to add
      Returns:
      updated request

    • addTokenBoundCidr

      public CreateRole.Request addTokenBoundCidr(String cidr)
      Add CIDR block. f set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks as well.
      Parameters:
      cidr - CIDR to add
      Returns:
      updated request

    • tokenExplicitMaxTtl

      public CreateRole.Request tokenExplicitMaxTtl(int ttl)
      If set, will encode an explicit max TTL onto the token. This is a hard cap even if token_ttl and token_max_ttl would otherwise allow a renewal.
      Parameters:
      ttl - time to live
      Returns:
      updated request

    • tokenNoDefaultPolicy

      public CreateRole.Request tokenNoDefaultPolicy(boolean noDefaultPolicy)
      If set, the default policy will not be set on generated tokens; otherwise it will be added to the policies set in token_policies.
      Parameters:
      noDefaultPolicy - whether to disable default policy for this role
      Returns:
      updated request

    • tokenNumUses

      public CreateRole.Request tokenNumUses(int numUses)
      The maximum number of times a generated token may be used (within its lifetime); 0 means unlimited. If you require the token to have the ability to create child tokens, you will need to set this value to 0.
      Parameters:
      numUses - number of uses
      Returns:
      updated request

    • tokenPeriod

      public CreateRole.Request tokenPeriod(int period)
      The period, if any, to set on the token.
      Parameters:
      period - period
      Returns:
      updated request

    • tokenType

      public CreateRole.Request tokenType(String type)
      The type of token that should be generated. Can be service, batch, or default to use the mount's tuned default (which unless changed will be service tokens). For token store roles, there are two additional possibilities: default-service and default-batch which specify the type to return unless the client requests a different type at generation time.
      Parameters:
      type - type
      Returns:
      updated request
      See Also:

    • roleName

      public CreateRole.Request roleName(String roleName)
      Name of the role to create.
      Parameters:
      roleName - role name
      Returns:
      updated request

    • roleName

      public String roleName()
      Name of the configured role.
      Returns:
      role name