Module io.helidon.integrations.vault.auths.approle
Package io.helidon.integrations.vault.auths.approle

Class CreateAppRole.Request

    • Method Detail

      • roleName

        public CreateAppRole.Request roleName​(String name)
        Name of the AppRole.
        Parameters:
        name - AppRole name
        Returns:
        updated request

      • bindSecretId

        public CreateAppRole.Request bindSecretId​(boolean bindSecretId)
        Require secret_id to be presented when logging in using this AppRole.
        Parameters:
        bindSecretId - whether to bind secret id
        Returns:
        updated request

      • addSecretIdBoundCidr

        public CreateAppRole.Request addSecretIdBoundCidr​(String cidr)
        CIDR blocks; if set, specifies blocks of IP addresses which can perform the login operation.
        Parameters:
        cidr - CIDR block
        Returns:
        updated request

      • secretIdNumUses

        public CreateAppRole.Request secretIdNumUses​(int numberOfUses)
        Number of times any particular SecretID can be used to fetch a token from this AppRole, after which the SecretID will expire. A value of zero will allow unlimited uses.
        Parameters:
        numberOfUses - number of uses
        Returns:
        updated request

      • secretIdTtl

        public CreateAppRole.Request secretIdTtl​(Duration ttl)
        Duration after which the secret id expires.
        Parameters:
        ttl - time to live
        Returns:
        updated request

      • addTokenPolicy

        public CreateAppRole.Request addTokenPolicy​(String policy)
        Token policy to encode onto generated tokens.
        Parameters:
        policy - policy name
        Returns:
        updated request

      • addTokenBoundCidr

        public CreateAppRole.Request addTokenBoundCidr​(String cidr)
        Token bound CIDR blocks. If set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks as well.
        Parameters:
        cidr - CIDR block
        Returns:
        updated request

      • tokenExplicitMaxTtl

        public CreateAppRole.Request tokenExplicitMaxTtl​(Duration duration)
        If set, will encode an explicit max TTL onto the token. This is a hard cap even if token_ttl and token_max_ttl would otherwise allow a renewal.
        Parameters:
        duration - time to live
        Returns:
        updated request

      • tokenNoDefaultPolicy

        public CreateAppRole.Request tokenNoDefaultPolicy​(boolean noDefaultPolicy)
        If set, the default policy will not be set on generated tokens; otherwise it will be added to the policies set in token_policies.
        Parameters:
        noDefaultPolicy - whether to disable default policy
        Returns:
        updated request

      • tokenNumUses

        public CreateAppRole.Request tokenNumUses​(int numUses)
        The maximum number of times a generated token may be used (within its lifetime); 0 means unlimited. If you require the token to have the ability to create child tokens, you will need to set this value to 0.
        Parameters:
        numUses - number of uses
        Returns:
        updated request

      • tokenPeriod

        public CreateAppRole.Request tokenPeriod​(int period)
        Period to use on the token. See Period
        Parameters:
        period - period to use
        Returns:
        updated request

      • tokenType

        public CreateAppRole.Request tokenType​(String tokenType)
        The type of token that should be generated. Can be service, batch, or default to use the mount's tuned default (which unless changed will be service tokens). For token store roles, there are two additional possibilities: default-service and default-batch which specify the type to return unless the client requests a different type at generation time.
        Parameters:
        tokenType - token type to use
        Returns:
        updated request