Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. HashiCorp Vault Provider
  3. API Docs
  4. getNomadAccessToken
HashiCorp Vault v6.6.0 published on Thursday, Mar 13, 2025 by Pulumi
pulumi/pulumi-vault

vault.getNomadAccessToken

Explore with Pulumi AI

HashiCorp Vault v6.6.0 published on Thursday, Mar 13, 2025 by Pulumi
pulumi/pulumi-vault

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const config = new vault.NomadSecretBackend("config", {
    backend: "nomad",
    description: "test description",
    defaultLeaseTtlSeconds: 3600,
    maxLeaseTtlSeconds: 7200,
    address: "https://127.0.0.1:4646",
    token: "ae20ceaa-...",
});
const test = new vault.NomadSecretRole("test", {
    backend: config.backend,
    role: "test",
    type: "client",
    policies: ["readonly"],
});
const token = pulumi.all([config.backend, test.role]).apply(([backend, role]) => vault.getNomadAccessTokenOutput({
    backend: backend,
    role: role,
}));
Copy
import pulumi
import pulumi_vault as vault

config = vault.NomadSecretBackend("config",
    backend="nomad",
    description="test description",
    default_lease_ttl_seconds=3600,
    max_lease_ttl_seconds=7200,
    address="https://127.0.0.1:4646",
    token="ae20ceaa-...")
test = vault.NomadSecretRole("test",
    backend=config.backend,
    role="test",
    type="client",
    policies=["readonly"])
token = pulumi.Output.all(
    backend=config.backend,
    role=test.role
).apply(lambda resolved_outputs: vault.get_nomad_access_token_output(backend=resolved_outputs['backend'],
    role=resolved_outputs['role']))
Copy
package main

import (
	"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		config, err := vault.NewNomadSecretBackend(ctx, "config", &vault.NomadSecretBackendArgs{
			Backend:                pulumi.String("nomad"),
			Description:            pulumi.String("test description"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(7200),
			Address:                pulumi.String("https://127.0.0.1:4646"),
			Token:                  pulumi.String("ae20ceaa-..."),
		})
		if err != nil {
			return err
		}
		test, err := vault.NewNomadSecretRole(ctx, "test", &vault.NomadSecretRoleArgs{
			Backend: config.Backend,
			Role:    pulumi.String("test"),
			Type:    pulumi.String("client"),
			Policies: pulumi.StringArray{
				pulumi.String("readonly"),
			},
		})
		if err != nil {
			return err
		}
		_ = pulumi.All(config.Backend, test.Role).ApplyT(func(_args []interface{}) (vault.GetNomadAccessTokenResult, error) {
			backend := _args[0].(*string)
			role := _args[1].(string)
			return vault.GetNomadAccessTokenResult(interface{}(vault.GetNomadAccessTokenOutput(ctx, vault.GetNomadAccessTokenOutputArgs{
				Backend: backend,
				Role:    role,
			}, nil))), nil
		}).(vault.GetNomadAccessTokenResultOutput)
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Vault = Pulumi.Vault;

return await Deployment.RunAsync(() => 
{
    var config = new Vault.NomadSecretBackend("config", new()
    {
        Backend = "nomad",
        Description = "test description",
        DefaultLeaseTtlSeconds = 3600,
        MaxLeaseTtlSeconds = 7200,
        Address = "https://127.0.0.1:4646",
        Token = "ae20ceaa-...",
    });

    var test = new Vault.NomadSecretRole("test", new()
    {
        Backend = config.Backend,
        Role = "test",
        Type = "client",
        Policies = new[]
        {
            "readonly",
        },
    });

    var token = Vault.GetNomadAccessToken.Invoke(new()
    {
        Backend = config.Backend,
        Role = test.Role,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.NomadSecretBackend;
import com.pulumi.vault.NomadSecretBackendArgs;
import com.pulumi.vault.NomadSecretRole;
import com.pulumi.vault.NomadSecretRoleArgs;
import com.pulumi.vault.VaultFunctions;
import com.pulumi.vault.inputs.GetNomadAccessTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var config = new NomadSecretBackend("config", NomadSecretBackendArgs.builder()
            .backend("nomad")
            .description("test description")
            .defaultLeaseTtlSeconds("3600")
            .maxLeaseTtlSeconds("7200")
            .address("https://127.0.0.1:4646")
            .token("ae20ceaa-...")
            .build());

        var test = new NomadSecretRole("test", NomadSecretRoleArgs.builder()
            .backend(config.backend())
            .role("test")
            .type("client")
            .policies("readonly")
            .build());

        final var token = VaultFunctions.getNomadAccessToken(GetNomadAccessTokenArgs.builder()
            .backend(config.backend())
            .role(test.role())
            .build());

    }
}
Copy
resources:
  config:
    type: vault:NomadSecretBackend
    properties:
      backend: nomad
      description: test description
      defaultLeaseTtlSeconds: '3600'
      maxLeaseTtlSeconds: '7200'
      address: https://127.0.0.1:4646
      token: ae20ceaa-...
  test:
    type: vault:NomadSecretRole
    properties:
      backend: ${config.backend}
      role: test
      type: client
      policies:
        - readonly
variables:
  token:
    fn::invoke:
      function: vault:getNomadAccessToken
      arguments:
        backend: ${config.backend}
        role: ${test.role}
Copy

Using getNomadAccessToken

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getNomadAccessToken(args: GetNomadAccessTokenArgs, opts?: InvokeOptions): Promise<GetNomadAccessTokenResult>
function getNomadAccessTokenOutput(args: GetNomadAccessTokenOutputArgs, opts?: InvokeOptions): Output<GetNomadAccessTokenResult>
Copy
def get_nomad_access_token(backend: Optional[str] = None,
                           namespace: Optional[str] = None,
                           role: Optional[str] = None,
                           opts: Optional[InvokeOptions] = None) -> GetNomadAccessTokenResult
def get_nomad_access_token_output(backend: Optional[pulumi.Input[str]] = None,
                           namespace: Optional[pulumi.Input[str]] = None,
                           role: Optional[pulumi.Input[str]] = None,
                           opts: Optional[InvokeOptions] = None) -> Output[GetNomadAccessTokenResult]
Copy
func GetNomadAccessToken(ctx *Context, args *GetNomadAccessTokenArgs, opts ...InvokeOption) (*GetNomadAccessTokenResult, error)
func GetNomadAccessTokenOutput(ctx *Context, args *GetNomadAccessTokenOutputArgs, opts ...InvokeOption) GetNomadAccessTokenResultOutput
Copy

> Note: This function is named GetNomadAccessToken in the Go SDK.

public static class GetNomadAccessToken 
{
    public static Task<GetNomadAccessTokenResult> InvokeAsync(GetNomadAccessTokenArgs args, InvokeOptions? opts = null)
    public static Output<GetNomadAccessTokenResult> Invoke(GetNomadAccessTokenInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetNomadAccessTokenResult> getNomadAccessToken(GetNomadAccessTokenArgs args, InvokeOptions options)
public static Output<GetNomadAccessTokenResult> getNomadAccessToken(GetNomadAccessTokenArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: vault:index/getNomadAccessToken:getNomadAccessToken
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

Backend This property is required. string
The path to the Nomad secret backend to read credentials from, with no leading or trailing /s.
Role
This property is required.
Changes to this property will trigger replacement.
string
The name of the Nomad secret backend role to generate a token for, with no leading or trailing /s.
Namespace Changes to this property will trigger replacement. string
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
Backend This property is required. string
The path to the Nomad secret backend to read credentials from, with no leading or trailing /s.
Role
This property is required.
Changes to this property will trigger replacement.
string
The name of the Nomad secret backend role to generate a token for, with no leading or trailing /s.
Namespace Changes to this property will trigger replacement. string
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
backend This property is required. String
The path to the Nomad secret backend to read credentials from, with no leading or trailing /s.
role
This property is required.
Changes to this property will trigger replacement.
String
The name of the Nomad secret backend role to generate a token for, with no leading or trailing /s.
namespace Changes to this property will trigger replacement. String
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
backend This property is required. string
The path to the Nomad secret backend to read credentials from, with no leading or trailing /s.
role
This property is required.
Changes to this property will trigger replacement.
string
The name of the Nomad secret backend role to generate a token for, with no leading or trailing /s.
namespace Changes to this property will trigger replacement. string
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
backend This property is required. str
The path to the Nomad secret backend to read credentials from, with no leading or trailing /s.
role
This property is required.
Changes to this property will trigger replacement.
str
The name of the Nomad secret backend role to generate a token for, with no leading or trailing /s.
namespace Changes to this property will trigger replacement. str
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.
backend This property is required. String
The path to the Nomad secret backend to read credentials from, with no leading or trailing /s.
role
This property is required.
Changes to this property will trigger replacement.
String
The name of the Nomad secret backend role to generate a token for, with no leading or trailing /s.
namespace Changes to this property will trigger replacement. String
The namespace of the target resource. The value should not contain leading or trailing forward slashes. The namespace is always relative to the provider's configured namespace. Available only for Vault Enterprise.

getNomadAccessToken Result

The following output properties are available:

AccessorId string
The public identifier for a specific token. It can be used to look up information about a token or to revoke a token.
Backend string
Id string
The provider-assigned unique ID for this managed resource.
Role string
SecretId string
The token to be used when making requests to Nomad and should be kept private.
Namespace string
AccessorId string
The public identifier for a specific token. It can be used to look up information about a token or to revoke a token.
Backend string
Id string
The provider-assigned unique ID for this managed resource.
Role string
SecretId string
The token to be used when making requests to Nomad and should be kept private.
Namespace string
accessorId String
The public identifier for a specific token. It can be used to look up information about a token or to revoke a token.
backend String
id String
The provider-assigned unique ID for this managed resource.
role String
secretId String
The token to be used when making requests to Nomad and should be kept private.
namespace String
accessorId string
The public identifier for a specific token. It can be used to look up information about a token or to revoke a token.
backend string
id string
The provider-assigned unique ID for this managed resource.
role string
secretId string
The token to be used when making requests to Nomad and should be kept private.
namespace string
accessor_id str
The public identifier for a specific token. It can be used to look up information about a token or to revoke a token.
backend str
id str
The provider-assigned unique ID for this managed resource.
role str
secret_id str
The token to be used when making requests to Nomad and should be kept private.
namespace str
accessorId String
The public identifier for a specific token. It can be used to look up information about a token or to revoke a token.
backend String
id String
The provider-assigned unique ID for this managed resource.
role String
secretId String
The token to be used when making requests to Nomad and should be kept private.
namespace String

Package Details

Repository
Vault pulumi/pulumi-vault
License
Apache-2.0
Notes
This Pulumi package is based on the vault Terraform Provider.
HashiCorp Vault v6.6.0 published on Thursday, Mar 13, 2025 by Pulumi
pulumi/pulumi-vault