VaultAppRole#

pydantic model phalanx.models.vault.VaultAppRole#

Newly-created Vault AppRole for secret access.

Parameters:

data (Any) –

Show JSON schema
{
   "title": "VaultAppRole",
   "description": "Newly-created Vault AppRole for secret access.",
   "type": "object",
   "properties": {
      "role_id": {
         "title": "Role Id",
         "type": "string"
      },
      "policies": {
         "items": {
            "type": "string"
         },
         "title": "Policies",
         "type": "array"
      },
      "token_ttl": {
         "anyOf": [
            {
               "type": "integer"
            },
            {
               "type": "string"
            }
         ],
         "default": 0,
         "description": "Either an integer number of seconds or a duration string. 0 means there is no limit other than Vault defaults.",
         "title": "Token lifetime"
      },
      "token_max_ttl": {
         "anyOf": [
            {
               "type": "integer"
            },
            {
               "type": "string"
            }
         ],
         "default": 0,
         "description": "Maximum token lifetime even after renewal. Either an integer number of seconds or a duration string. 0 means there is no limit other than Vault defaults.",
         "title": "Maximum token lifetime"
      },
      "secret_id": {
         "title": "Secret Id",
         "type": "string"
      },
      "secret_id_accessor": {
         "title": "Secret Id Accessor",
         "type": "string"
      }
   },
   "required": [
      "role_id",
      "policies",
      "secret_id",
      "secret_id_accessor"
   ]
}

Fields:
field policies: list[str] [Required]#

Policies applied to this AppRole.

field role_id: str [Required]#

Unique identifier of the AppRole.

field secret_id: str [Required]#

Authentication credentials for the AppRole.

field secret_id_accessor: str [Required]#

Accessor for the AppRole authentication credentials.

field token_max_ttl: int | str = 0#

Maximum token lifetime even after renewal. Either an integer number of seconds or a duration string. 0 means there is no limit other than Vault defaults.

field token_ttl: int | str = 0#

Either an integer number of seconds or a duration string. 0 means there is no limit other than Vault defaults.

to_kubernetes_secret(name)#

Format the data as a secret for vault-secrets-operator.

Parameters:

name (str) – Name of the secret to create.

Returns:

YAML creating a Kubernetes Secret resource for Vault Secrets Operator, suitable for passing to kubectl apply.

Return type:

str

to_yaml()#

Format the data in YAML.

Return type:

str