Class CreateToken.Request

    • Method Detail

      • addPolicy

        public CreateToken.Request addPolicy(String policy)
        Add a policy for the token. Policies must be a subset of the policies belonging to the token making the request, unless root. If not specified, defaults to all the policies of the calling token.
        Parameters:
        policy - policy to add
        Returns:
        updated request
      • addMetadata

        public CreateToken.Request addMetadata(String key, String value)
        Request metadata, passed through to the audit devices.
        Parameters:
        key - name
        value - value
        Returns:
        updated request
      • noParent

        public CreateToken.Request noParent(boolean noParent)
        This argument only has effect if used by a root or sudo caller. When set to true, the token created will not have a parent.
        Parameters:
        noParent - set to true to create an orphan token
        Returns:
        updated request
      • noDefaultPolicy

        public CreateToken.Request noDefaultPolicy(boolean noDefaultPolicy)
        If set to true, the default policy will not be contained in this token's policy set.
        Parameters:
        noDefaultPolicy - whether to exclude default policy
        Returns:
        updated request
      • renewable

        public CreateToken.Request renewable(boolean renewable)
        Set to false to disable the ability of the token to be renewed past its initial TTL. Setting the value to true will allow the token to be renewable up to the system/mount maximum TTL.

        Defaults to true.

        Parameters:
        renewable - whether the token should be renewable
        Returns:
        updated request
      • numUses

        public CreateToken.Request numUses(int numUses)
        The maximum number of uses for the given token. This can be used to create a one-time token or a limited-use token. A value of 0 means there is no limit on the number of uses.
        Parameters:
        numUses - number of uses, defaults to 0 - unlimited
        Returns:
        updated request
      • id

        public CreateToken.Request id(String id)
        The ID of the client token. Can only be specified by a root token. The ID provided may not contain a "." character. Otherwise, the token ID is a randomly generated value.

        Note: The ID should not start with the "s." prefix.

        Parameters:
        id - id of the client token
        Returns:
        updated request
      • roleName

        public CreateToken.Request roleName(String roleName)
        The name of the token role.
        Parameters:
        roleName - role name
        Returns:
        updated request
      • displayName

        public CreateToken.Request displayName(String displayName)
        The display name of the token.
        Parameters:
        displayName - display name
        Returns:
        updated request
      • entityAlias

        public CreateToken.Request entityAlias(String entityAlias)
        Name of the entity alias to associate with during token creation. Only works in combination with the role_name argument, and the entity alias used must be listed in allowed_entity_aliases. If this has been specified, the entity will not be inherited from the parent.
        Parameters:
        entityAlias - entity alias
        Returns:
        updated request
      • period

        public CreateToken.Request period(String period)
        If specified, the token will be periodic; it will have no maximum TTL (unless an "explicit-max-ttl" is also set) but every renewal will use the given period. Requires a root token or one with the sudo capability.
        Parameters:
        period - period
        Returns:
        updated request
      • ttl

        public CreateToken.Request ttl(Duration ttl)
        The TTL period of the token. If not provided, the token is valid for the default lease TTL, or indefinitely if the root policy is used.
        Parameters:
        ttl - duration of the token, smallest unit is seconds
        Returns:
        updated request
      • explicitMaxTtl

        public CreateToken.Request explicitMaxTtl(Duration explicitMaxTtl)
        If set, the token will have an explicit max TTL set upon it. This maximum token TTL cannot be changed later, and unlike with normal tokens, updates to the system/mount max TTL value will have no effect at renewal time -- the token will never be able to be renewed or used past the value set at issue time.
        Parameters:
        explicitMaxTtl - duration of the max TTL, smallest unit is seconds
        Returns:
        updated request
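
The setters above combined into a request for a short-lived, limited-use child token, overriding the permissive defaults the method descriptions list (all caller policies, renewable, unlimited uses). This is an added example, not code from the library; the import package, the class and method names `ScopedTokenRequests.shortLived`, the metadata key and the display-name prefix are assumptions.

```java
import java.time.Duration;

// Assumed package: this page does not name the package that contains CreateToken.
import io.helidon.integrations.vault.auths.token.CreateToken;

public final class ScopedTokenRequests {
    private ScopedTokenRequests() {
    }

    /**
     * Configures the given request for a limited-use, non-renewable token
     * that carries exactly one policy. The request instance is supplied by
     * the caller, so this example assumes nothing about how it is created.
     */
    static CreateToken.Request shortLived(CreateToken.Request request,
                                          String policy,
                                          String requestedBy,
                                          int uses,
                                          Duration lifetime) {
        if (uses < 1) {
            // numUses(0) means "unlimited", which defeats the purpose here.
            throw new IllegalArgumentException("uses must be at least 1");
        }
        if (lifetime.isZero() || lifetime.isNegative() || lifetime.getNano() != 0) {
            // The smallest TTL unit is seconds, so reject sub-second parts.
            throw new IllegalArgumentException("lifetime must be a positive number of whole seconds");
        }
        return request
                // Without addPolicy, the token gets all policies of the calling token.
                .addPolicy(policy)
                // Keep the default policy out of the policy set.
                .noDefaultPolicy(true)
                // renewable defaults to true; this token must expire at its initial TTL.
                .renewable(false)
                .numUses(uses)
                .ttl(lifetime)
                // Fixed at issue time; later changes to the system/mount max TTL have no effect.
                .explicitMaxTtl(lifetime)
                .displayName("job-" + requestedBy)
                // Metadata is passed through to the audit devices.
                .addMetadata("requested-by", requestedBy);
    }
}
```

The example leaves `noParent`, `id` and `period` unset: each requires a root or sudo caller, and `period` would remove the maximum TTL unless an explicit max TTL is also set.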