linode.Token
Explore with Pulumi AI
Provides a Linode Token resource. This can be used to create, modify, and delete Linode API Personal Access Tokens. Personal Access Tokens proxy user credentials for Linode API access. This is necessary for tools, such as Pulumi, to interact with Linode services on a user’s behalf.
It is common for the provider itself to be configured with broadly scoped Personal Access Tokens. Provisioning scripts or tools configured within a Linode Instance should follow the principle of least privilege to afford only the required roles for tools to perform their necessary tasks. The linode.Token
resource allows for the management of Personal Access Tokens with scopes mirroring or narrowing the scope of the parent token.
For more information, see the Linode APIv4 docs.
Example Usage
The following example shows how one might use this resource to configure a token for use in another tool that needs access to Linode resources.
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";
const foo = new linode.Token("foo", {
label: "token",
scopes: "linodes:read_only",
expiry: "2100-01-02T03:04:05Z",
});
const fooInstance = new linode.Instance("foo", {});
import pulumi
import pulumi_linode as linode
foo = linode.Token("foo",
label="token",
scopes="linodes:read_only",
expiry="2100-01-02T03:04:05Z")
foo_instance = linode.Instance("foo")
package main
import (
"github.com/pulumi/pulumi-linode/sdk/v4/go/linode"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := linode.NewToken(ctx, "foo", &linode.TokenArgs{
Label: pulumi.String("token"),
Scopes: pulumi.String("linodes:read_only"),
Expiry: pulumi.String("2100-01-02T03:04:05Z"),
})
if err != nil {
return err
}
_, err = linode.NewInstance(ctx, "foo", nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Linode = Pulumi.Linode;
return await Deployment.RunAsync(() =>
{
var foo = new Linode.Token("foo", new()
{
Label = "token",
Scopes = "linodes:read_only",
Expiry = "2100-01-02T03:04:05Z",
});
var fooInstance = new Linode.Instance("foo");
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Token;
import com.pulumi.linode.TokenArgs;
import com.pulumi.linode.Instance;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var foo = new Token("foo", TokenArgs.builder()
.label("token")
.scopes("linodes:read_only")
.expiry("2100-01-02T03:04:05Z")
.build());
var fooInstance = new Instance("fooInstance");
}
}
resources:
foo:
type: linode:Token
properties:
label: token
scopes: linodes:read_only
expiry: 2100-01-02T03:04:05Z
fooInstance:
type: linode:Instance
name: foo
Create Token Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Token(name: string, args: TokenArgs, opts?: CustomResourceOptions);
@overload
def Token(resource_name: str,
args: TokenArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Token(resource_name: str,
opts: Optional[ResourceOptions] = None,
scopes: Optional[str] = None,
expiry: Optional[str] = None,
label: Optional[str] = None)
func NewToken(ctx *Context, name string, args TokenArgs, opts ...ResourceOption) (*Token, error)
public Token(string name, TokenArgs args, CustomResourceOptions? opts = null)
type: linode:Token
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TokenArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var tokenResource = new Linode.Token("tokenResource", new()
{
Scopes = "string",
Expiry = "string",
Label = "string",
});
example, err := linode.NewToken(ctx, "tokenResource", &linode.TokenArgs{
Scopes: pulumi.String("string"),
Expiry: pulumi.String("string"),
Label: pulumi.String("string"),
})
var tokenResource = new Token("tokenResource", TokenArgs.builder()
.scopes("string")
.expiry("string")
.label("string")
.build());
token_resource = linode.Token("tokenResource",
scopes="string",
expiry="string",
label="string")
const tokenResource = new linode.Token("tokenResource", {
scopes: "string",
expiry: "string",
label: "string",
});
type: linode:Token
properties:
expiry: string
label: string
scopes: string
Token Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Token resource accepts the following input properties:
- Scopes string
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Expiry string
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
- A label for the Token.
- Scopes string
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Expiry string
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
- A label for the Token.
- scopes String
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry String
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
- A label for the Token.
- scopes string
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry string
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label string
- A label for the Token.
- scopes str
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry str
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label str
- A label for the Token.
- scopes String
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- expiry String
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
- A label for the Token.
Outputs
All input properties are implicitly available as output properties. Additionally, the Token resource produces the following output properties:
Look up Existing Token Resource
Get an existing Token resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TokenState, opts?: CustomResourceOptions): Token
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created: Optional[str] = None,
expiry: Optional[str] = None,
label: Optional[str] = None,
scopes: Optional[str] = None,
token: Optional[str] = None) -> Token
func GetToken(ctx *Context, name string, id IDInput, state *TokenState, opts ...ResourceOption) (*Token, error)
public static Token Get(string name, Input<string> id, TokenState? state, CustomResourceOptions? opts = null)
public static Token get(String name, Output<String> id, TokenState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Api
Token string - The token used to access the API.
- Created string
- The date this Token was created.
- Expiry string
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
- A label for the Token.
- Scopes string
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Created string
- The date this Token was created.
- Expiry string
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- Label string
- A label for the Token.
- Scopes string
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- Token string
- The token used to access the API.
- created String
- The date this Token was created.
- expiry String
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
- A label for the Token.
- scopes String
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token String
- The token used to access the API.
- created string
- The date this Token was created.
- expiry string
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label string
- A label for the Token.
- scopes string
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token string
- The token used to access the API.
- created str
- The date this Token was created.
- expiry str
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label str
- A label for the Token.
- scopes str
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token str
- The token used to access the API.
- created String
- The date this Token was created.
- expiry String
- When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with 'null' as their expiry and will never expire unless revoked.
- label String
- A label for the Token.
- scopes String
- The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI, require tokens with access to *. Tokens with more restrictive scopes are generally more secure. All scopes can be viewed in the Linode API documentation.
- token String
- The token used to access the API.
Import
Linodes Tokens can be imported using the Linode Token id
, e.g. The secret token will not be imported.
$ pulumi import linode:index/token:Token mytoken 1234567
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Linode pulumi/pulumi-linode
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
linode
Terraform Provider.