1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
# OpenbaoClient::KubernetesWriteAuthRoleRequest
## Properties
| Name | Type | Description | Notes |
| ---- | ---- | ----------- | ----- |
| **alias_name_source** | **String** | Source to use when deriving the Alias name. valid choices: \"serviceaccount_uid\" : <token.uid> e.g. 474b11b5-0f20-4f9d-8ca5-65715ab325e0 (most secure choice) \"serviceaccount_name\" : <namespace>/<serviceaccount> e.g. vault/vault-agent default: \"serviceaccount_uid\" | [optional][default to 'serviceaccount_uid'] |
| **audience** | **String** | Optional Audience claim to verify in the jwt. | [optional] |
| **bound_cidrs** | **Array<String>** | Use \"token_bound_cidrs\" instead. If this and \"token_bound_cidrs\" are both specified, only \"token_bound_cidrs\" will be used. | [optional] |
| **bound_service_account_names** | **Array<String>** | List of service account names able to access this role. If set to \"*\" all names are allowed. | [optional] |
| **bound_service_account_namespace_selector** | **String** | A label selector for Kubernetes namespaces which are allowed to access this role. Accepts either a JSON or YAML object. If set with bound_service_account_namespaces, the conditions are ORed. | [optional] |
| **bound_service_account_namespaces** | **Array<String>** | List of namespaces allowed to access this role. If set to \"*\" all namespaces are allowed. | [optional] |
| **max_ttl** | **Integer** | Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used. | [optional] |
| **num_uses** | **Integer** | Use \"token_num_uses\" instead. If this and \"token_num_uses\" are both specified, only \"token_num_uses\" will be used. | [optional] |
| **period** | **Integer** | Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used. | [optional] |
| **policies** | **Array<String>** | Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used. | [optional] |
| **token_bound_cidrs** | **Array<String>** | Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token. | [optional] |
| **token_explicit_max_ttl** | **Integer** | If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed. | [optional] |
| **token_max_ttl** | **Integer** | The maximum lifetime of the generated token | [optional] |
| **token_no_default_policy** | **Boolean** | If true, the 'default' policy will not automatically be added to generated tokens | [optional] |
| **token_num_uses** | **Integer** | The maximum number of times a token may be used, a value of zero means unlimited | [optional] |
| **token_period** | **Integer** | If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\"). | [optional] |
| **token_policies** | **Array<String>** | Comma-separated list of policies | [optional] |
| **token_strictly_bind_ip** | **Boolean** | If true, CIDRs for the token will be strictly bound to the source IP address of the login request | [optional] |
| **token_ttl** | **Integer** | The initial ttl of the token to generate | [optional] |
| **token_type** | **String** | The type of token to generate, service or batch | [optional][default to 'default-service'] |
| **ttl** | **Integer** | Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used. | [optional] |
## Example
```ruby
require 'openbao_client'
instance = OpenbaoClient::KubernetesWriteAuthRoleRequest.new(
alias_name_source: null,
audience: null,
bound_cidrs: null,
bound_service_account_names: null,
bound_service_account_namespace_selector: null,
bound_service_account_namespaces: null,
max_ttl: null,
num_uses: null,
period: null,
policies: null,
token_bound_cidrs: null,
token_explicit_max_ttl: null,
token_max_ttl: null,
token_no_default_policy: null,
token_num_uses: null,
token_period: null,
token_policies: null,
token_strictly_bind_ip: null,
token_ttl: null,
token_type: null,
ttl: null
)
```
|
