vaultSecretsIntegrationAws.python.md

vaultSecretsIntegrationAws Submodule

Constructs

VaultSecretsIntegrationAws

Represents a {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws hcp_vault_secrets_integration_aws}.

Initializers

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAws(
  scope: Construct,
  id: str,
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  capabilities: typing.List[str],
  name: str,
  access_keys: VaultSecretsIntegrationAwsAccessKeysA = None,
  federated_workload_identity: VaultSecretsIntegrationAwsFederatedWorkloadIdentityA = None,
  project_id: str = None
)

Name	Type	Description
scope	constructs.Construct	The scope in which to define this construct.
id	str	The scoped construct ID.
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[cdktf.ITerraformDependable]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
capabilities	typing.List[str]	Capabilities enabled for the integration. See the Vault Secrets documentation for the list of supported capabilities per provider.
name	str	The Vault Secrets integration name.
access_keys	VaultSecretsIntegrationAwsAccessKeysA	AWS IAM key pair used to authenticate against the target AWS account. Cannot be used with federated_workload_identity.
federated_workload_identity	VaultSecretsIntegrationAwsFederatedWorkloadIdentityA	(Recommended) Federated identity configuration to authenticate against the target AWS account. Cannot be used with access_keys.
project_id	str	HCP project ID that owns the HCP Vault Secrets integration. Inferred from the provider configuration if omitted.

---

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: str

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

connection^Optional

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

• Type: typing.List[cdktf.ITerraformDependable]

---

for_each^Optional

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

• Type: cdktf.TerraformProvider

---

provisioners^Optional

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

capabilities^Required

• Type: typing.List[str]

Capabilities enabled for the integration. See the Vault Secrets documentation for the list of supported capabilities per provider.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#capabilities VaultSecretsIntegrationAws#capabilities}

---

name^Required

• Type: str

The Vault Secrets integration name.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#name VaultSecretsIntegrationAws#name}

---

access_keys^Optional

• Type: VaultSecretsIntegrationAwsAccessKeysA

AWS IAM key pair used to authenticate against the target AWS account. Cannot be used with federated_workload_identity.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#access_keys VaultSecretsIntegrationAws#access_keys}

---

federated_workload_identity^Optional

• Type: VaultSecretsIntegrationAwsFederatedWorkloadIdentityA

(Recommended) Federated identity configuration to authenticate against the target AWS account. Cannot be used with access_keys.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#federated_workload_identity VaultSecretsIntegrationAws#federated_workload_identity}

---

project_id^Optional

• Type: str

HCP project ID that owns the HCP Vault Secrets integration. Inferred from the provider configuration if omitted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#project_id VaultSecretsIntegrationAws#project_id}

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
add_override	No description.
override_logical_id	Overrides the auto-generated logical ID with a specific ID.
reset_override_logical_id	Resets a previously passed logical Id to use the auto-generated logical id again.
to_hcl_terraform	No description.
to_metadata	No description.
to_terraform	Adds this resource to the terraform JSON output.
add_move_target	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
get_any_map_attribute	No description.
get_boolean_attribute	No description.
get_boolean_map_attribute	No description.
get_list_attribute	No description.
get_number_attribute	No description.
get_number_list_attribute	No description.
get_number_map_attribute	No description.
get_string_attribute	No description.
get_string_map_attribute	No description.
has_resource_move	No description.
import_from	No description.
interpolation_for_attribute	No description.
move_from_id	Move the resource corresponding to "id" to this resource.
move_to	Moves this resource to the target resource given by moveTarget.
move_to_id	Moves this resource to the resource corresponding to "id".
put_access_keys	No description.
put_federated_workload_identity	No description.
reset_access_keys	No description.
reset_federated_workload_identity	No description.
reset_project_id	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

add_override

def add_override(
  path: str,
  value: typing.Any
) -> None

path^Required

• Type: str

---

value^Required

• Type: typing.Any

---

override_logical_id

def override_logical_id(
  new_logical_id: str
) -> None

Overrides the auto-generated logical ID with a specific ID.

new_logical_id^Required

• Type: str

The new logical ID to use for this stack element.

---

reset_override_logical_id

def reset_override_logical_id() -> None

Resets a previously passed logical Id to use the auto-generated logical id again.

to_hcl_terraform

def to_hcl_terraform() -> typing.Any

to_metadata

def to_metadata() -> typing.Any

to_terraform

def to_terraform() -> typing.Any

Adds this resource to the terraform JSON output.

add_move_target

def add_move_target(
  move_target: str
) -> None

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

move_target^Required

• Type: str

The string move target that will correspond to this resource.

---

get_any_map_attribute

def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]

terraform_attribute^Required

• Type: str

---

get_boolean_attribute

def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

get_boolean_map_attribute

def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]

terraform_attribute^Required

• Type: str

---

get_list_attribute

def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]

terraform_attribute^Required

• Type: str

---

get_number_attribute

def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]

terraform_attribute^Required

• Type: str

---

get_number_list_attribute

def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_number_map_attribute

def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_string_attribute

def get_string_attribute(
  terraform_attribute: str
) -> str

terraform_attribute^Required

• Type: str

---

get_string_map_attribute

def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]

terraform_attribute^Required

• Type: str

---

has_resource_move

def has_resource_move() -> typing.Union[TerraformResourceMoveByTarget, TerraformResourceMoveById]

import_from

def import_from(
  id: str,
  provider: TerraformProvider = None
) -> None

id^Required

• Type: str

---

provider^Optional

• Type: cdktf.TerraformProvider

---

interpolation_for_attribute

def interpolation_for_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

move_from_id

def move_from_id(
  id: str
) -> None

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

id^Required

• Type: str

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

---

move_to

def move_to(
  move_target: str,
  index: typing.Union[str, typing.Union[int, float]] = None
) -> None

Moves this resource to the target resource given by moveTarget.

move_target^Required

• Type: str

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

---

index^Optional

• Type: typing.Union[str, typing.Union[int, float]]

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

---

move_to_id

def move_to_id(
  id: str
) -> None

Moves this resource to the resource corresponding to "id".

id^Required

• Type: str

Full id of resource to move to, e.g. "aws_s3_bucket.example".

---

put_access_keys

def put_access_keys(
  access_key_id: str,
  secret_access_key: str
) -> None

access_key_id^Required

• Type: str

Key ID used with the secret key to authenticate against the target AWS account.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#access_key_id VaultSecretsIntegrationAws#access_key_id}

---

secret_access_key^Required

• Type: str

Secret key used with the key ID to authenticate against the target AWS account.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#secret_access_key VaultSecretsIntegrationAws#secret_access_key}

---

put_federated_workload_identity

def put_federated_workload_identity(
  audience: str,
  role_arn: str
) -> None

audience^Required

• Type: str

Audience configured on the AWS IAM identity provider to federate access with HCP.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#audience VaultSecretsIntegrationAws#audience}

---

role_arn^Required

• Type: str

AWS IAM role ARN the integration will assume to carry operations for the appropriate capabilities.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#role_arn VaultSecretsIntegrationAws#role_arn}

---

reset_access_keys

def reset_access_keys() -> None

reset_federated_workload_identity

def reset_federated_workload_identity() -> None

reset_project_id

def reset_project_id() -> None

Static Functions

Name	Description
is_construct	Checks if x is a construct.
is_terraform_element	No description.
is_terraform_resource	No description.
generate_config_for_import	Generates CDKTF code for importing a VaultSecretsIntegrationAws resource upon running "cdktf plan ".

---

is_construct

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAws.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

is_terraform_element

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAws.is_terraform_element(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

is_terraform_resource

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAws.is_terraform_resource(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

generate_config_for_import

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAws.generate_config_for_import(
  scope: Construct,
  import_to_id: str,
  import_from_id: str,
  provider: TerraformProvider = None
)

Generates CDKTF code for importing a VaultSecretsIntegrationAws resource upon running "cdktf plan ".

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

import_to_id^Required

• Type: str

The construct id used in the generated config for the VaultSecretsIntegrationAws to import.

---

import_from_id^Required

• Type: str

The id of the existing VaultSecretsIntegrationAws that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: cdktf.TerraformProvider

? Optional instance of the provider where the VaultSecretsIntegrationAws to import is found.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
cdktf_stack	cdktf.TerraformStack	No description.
fqn	str	No description.
friendly_unique_id	str	No description.
terraform_meta_arguments	typing.Mapping[typing.Any]	No description.
terraform_resource_type	str	No description.
terraform_generator_metadata	cdktf.TerraformProviderGeneratorMetadata	No description.
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[str]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
access_keys	VaultSecretsIntegrationAwsAccessKeysAOutputReference	No description.
federated_workload_identity	VaultSecretsIntegrationAwsFederatedWorkloadIdentityAOutputReference	No description.
organization_id	str	No description.
resource_id	str	No description.
resource_name	str	No description.
access_keys_input	typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsAccessKeysA]	No description.
capabilities_input	typing.List[str]	No description.
federated_workload_identity_input	typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsFederatedWorkloadIdentityA]	No description.
name_input	str	No description.
project_id_input	str	No description.
capabilities	typing.List[str]	No description.
name	str	No description.
project_id	str	No description.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

cdktf_stack^Required

cdktf_stack: TerraformStack

• Type: cdktf.TerraformStack

---

fqn^Required

fqn: str

• Type: str

---

friendly_unique_id^Required

friendly_unique_id: str

• Type: str

---

terraform_meta_arguments^Required

terraform_meta_arguments: typing.Mapping[typing.Any]

• Type: typing.Mapping[typing.Any]

---

terraform_resource_type^Required

terraform_resource_type: str

• Type: str

---

terraform_generator_metadata^Optional

terraform_generator_metadata: TerraformProviderGeneratorMetadata

• Type: cdktf.TerraformProviderGeneratorMetadata

---

connection^Optional

connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

count: typing.Union[typing.Union[int, float], TerraformCount]

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

depends_on: typing.List[str]

• Type: typing.List[str]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktf.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

access_keys^Required

access_keys: VaultSecretsIntegrationAwsAccessKeysAOutputReference

• Type: VaultSecretsIntegrationAwsAccessKeysAOutputReference

---

federated_workload_identity^Required

federated_workload_identity: VaultSecretsIntegrationAwsFederatedWorkloadIdentityAOutputReference

• Type: VaultSecretsIntegrationAwsFederatedWorkloadIdentityAOutputReference

---

organization_id^Required

organization_id: str

• Type: str

---

resource_id^Required

resource_id: str

• Type: str

---

resource_name^Required

resource_name: str

• Type: str

---

access_keys_input^Optional

access_keys_input: typing.Union[IResolvable, VaultSecretsIntegrationAwsAccessKeysA]

• Type: typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsAccessKeysA]

---

capabilities_input^Optional

capabilities_input: typing.List[str]

• Type: typing.List[str]

---

federated_workload_identity_input^Optional

federated_workload_identity_input: typing.Union[IResolvable, VaultSecretsIntegrationAwsFederatedWorkloadIdentityA]

• Type: typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsFederatedWorkloadIdentityA]

---

name_input^Optional

name_input: str

• Type: str

---

project_id_input^Optional

project_id_input: str

• Type: str

---

capabilities^Required

capabilities: typing.List[str]

• Type: typing.List[str]

---

name^Required

name: str

• Type: str

---

project_id^Required

project_id: str

• Type: str

---

Constants

Name	Type	Description
tfResourceType	str	No description.

---

tfResourceType^Required

tfResourceType: str

• Type: str

---

Structs

VaultSecretsIntegrationAwsAccessKeysA

Initializer

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAwsAccessKeysA(
  access_key_id: str,
  secret_access_key: str
)

Properties

Name	Type	Description
access_key_id	str	Key ID used with the secret key to authenticate against the target AWS account.
secret_access_key	str	Secret key used with the key ID to authenticate against the target AWS account.

---

access_key_id^Required

access_key_id: str

• Type: str

Key ID used with the secret key to authenticate against the target AWS account.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#access_key_id VaultSecretsIntegrationAws#access_key_id}

---

secret_access_key^Required

secret_access_key: str

• Type: str

Secret key used with the key ID to authenticate against the target AWS account.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#secret_access_key VaultSecretsIntegrationAws#secret_access_key}

---

VaultSecretsIntegrationAwsConfig

Initializer

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAwsConfig(
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  capabilities: typing.List[str],
  name: str,
  access_keys: VaultSecretsIntegrationAwsAccessKeysA = None,
  federated_workload_identity: VaultSecretsIntegrationAwsFederatedWorkloadIdentityA = None,
  project_id: str = None
)

Properties

Name	Type	Description
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[cdktf.ITerraformDependable]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
capabilities	typing.List[str]	Capabilities enabled for the integration. See the Vault Secrets documentation for the list of supported capabilities per provider.
name	str	The Vault Secrets integration name.
access_keys	VaultSecretsIntegrationAwsAccessKeysA	AWS IAM key pair used to authenticate against the target AWS account. Cannot be used with federated_workload_identity.
federated_workload_identity	VaultSecretsIntegrationAwsFederatedWorkloadIdentityA	(Recommended) Federated identity configuration to authenticate against the target AWS account. Cannot be used with access_keys.
project_id	str	HCP project ID that owns the HCP Vault Secrets integration. Inferred from the provider configuration if omitted.

---

connection^Optional

connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

count: typing.Union[typing.Union[int, float], TerraformCount]

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

depends_on: typing.List[ITerraformDependable]

• Type: typing.List[cdktf.ITerraformDependable]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktf.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

capabilities^Required

capabilities: typing.List[str]

• Type: typing.List[str]

Capabilities enabled for the integration. See the Vault Secrets documentation for the list of supported capabilities per provider.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#capabilities VaultSecretsIntegrationAws#capabilities}

---

name^Required

name: str

• Type: str

The Vault Secrets integration name.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#name VaultSecretsIntegrationAws#name}

---

access_keys^Optional

access_keys: VaultSecretsIntegrationAwsAccessKeysA

• Type: VaultSecretsIntegrationAwsAccessKeysA

AWS IAM key pair used to authenticate against the target AWS account. Cannot be used with federated_workload_identity.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#access_keys VaultSecretsIntegrationAws#access_keys}

---

federated_workload_identity^Optional

federated_workload_identity: VaultSecretsIntegrationAwsFederatedWorkloadIdentityA

• Type: VaultSecretsIntegrationAwsFederatedWorkloadIdentityA

(Recommended) Federated identity configuration to authenticate against the target AWS account. Cannot be used with access_keys.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#federated_workload_identity VaultSecretsIntegrationAws#federated_workload_identity}

---

project_id^Optional

project_id: str

• Type: str

HCP project ID that owns the HCP Vault Secrets integration. Inferred from the provider configuration if omitted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#project_id VaultSecretsIntegrationAws#project_id}

---

VaultSecretsIntegrationAwsFederatedWorkloadIdentityA

Initializer

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAwsFederatedWorkloadIdentityA(
  audience: str,
  role_arn: str
)

Properties

Name	Type	Description
audience	str	Audience configured on the AWS IAM identity provider to federate access with HCP.
role_arn	str	AWS IAM role ARN the integration will assume to carry operations for the appropriate capabilities.

---

audience^Required

audience: str

• Type: str

Audience configured on the AWS IAM identity provider to federate access with HCP.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#audience VaultSecretsIntegrationAws#audience}

---

role_arn^Required

role_arn: str

• Type: str

AWS IAM role ARN the integration will assume to carry operations for the appropriate capabilities.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/hcp/0.101.0/docs/resources/vault_secrets_integration_aws#role_arn VaultSecretsIntegrationAws#role_arn}

---

Classes

VaultSecretsIntegrationAwsAccessKeysAOutputReference

Initializers

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAwsAccessKeysAOutputReference(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str
)

Name	Type	Description
terraform_resource	cdktf.IInterpolatingParent	The parent resource.
terraform_attribute	str	The attribute on the parent resource this class is referencing.

---

terraform_resource^Required

• Type: cdktf.IInterpolatingParent

The parent resource.

---

terraform_attribute^Required

• Type: str

The attribute on the parent resource this class is referencing.

---

Methods

Name	Description
compute_fqn	No description.
get_any_map_attribute	No description.
get_boolean_attribute	No description.
get_boolean_map_attribute	No description.
get_list_attribute	No description.
get_number_attribute	No description.
get_number_list_attribute	No description.
get_number_map_attribute	No description.
get_string_attribute	No description.
get_string_map_attribute	No description.
interpolation_for_attribute	No description.
resolve	Produce the Token's value at resolution time.
to_string	Return a string representation of this resolvable object.

---

compute_fqn

def compute_fqn() -> str

get_any_map_attribute

def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]

terraform_attribute^Required

• Type: str

---

get_boolean_attribute

def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

get_boolean_map_attribute

def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]

terraform_attribute^Required

• Type: str

---

get_list_attribute

def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]

terraform_attribute^Required

• Type: str

---

get_number_attribute

def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]

terraform_attribute^Required

• Type: str

---

get_number_list_attribute

def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_number_map_attribute

def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_string_attribute

def get_string_attribute(
  terraform_attribute: str
) -> str

terraform_attribute^Required

• Type: str

---

get_string_map_attribute

def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]

terraform_attribute^Required

• Type: str

---

interpolation_for_attribute

def interpolation_for_attribute(
  property: str
) -> IResolvable

property^Required

• Type: str

---

resolve

def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_context^Required

• Type: cdktf.IResolveContext

---

to_string

def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

Properties

Name	Type	Description
creation_stack	typing.List[str]	The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn	str	No description.
access_key_id_input	str	No description.
secret_access_key_input	str	No description.
access_key_id	str	No description.
secret_access_key	str	No description.
internal_value	typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsAccessKeysA]	No description.

---

creation_stack^Required

creation_stack: typing.List[str]

• Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

---

fqn^Required

fqn: str

• Type: str

---

access_key_id_input^Optional

access_key_id_input: str

• Type: str

---

secret_access_key_input^Optional

secret_access_key_input: str

• Type: str

---

access_key_id^Required

access_key_id: str

• Type: str

---

secret_access_key^Required

secret_access_key: str

• Type: str

---

internal_value^Optional

internal_value: typing.Union[IResolvable, VaultSecretsIntegrationAwsAccessKeysA]

• Type: typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsAccessKeysA]

---

VaultSecretsIntegrationAwsFederatedWorkloadIdentityAOutputReference

Initializers

from cdktf_cdktf_provider_hcp import vault_secrets_integration_aws

vaultSecretsIntegrationAws.VaultSecretsIntegrationAwsFederatedWorkloadIdentityAOutputReference(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str
)

Name	Type	Description
terraform_resource	cdktf.IInterpolatingParent	The parent resource.
terraform_attribute	str	The attribute on the parent resource this class is referencing.

---

terraform_resource^Required

• Type: cdktf.IInterpolatingParent

The parent resource.

---

terraform_attribute^Required

• Type: str

The attribute on the parent resource this class is referencing.

---

Methods

Name	Description
compute_fqn	No description.
get_any_map_attribute	No description.
get_boolean_attribute	No description.
get_boolean_map_attribute	No description.
get_list_attribute	No description.
get_number_attribute	No description.
get_number_list_attribute	No description.
get_number_map_attribute	No description.
get_string_attribute	No description.
get_string_map_attribute	No description.
interpolation_for_attribute	No description.
resolve	Produce the Token's value at resolution time.
to_string	Return a string representation of this resolvable object.

---

compute_fqn

def compute_fqn() -> str

get_any_map_attribute

def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]

terraform_attribute^Required

• Type: str

---

get_boolean_attribute

def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

get_boolean_map_attribute

def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]

terraform_attribute^Required

• Type: str

---

get_list_attribute

def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]

terraform_attribute^Required

• Type: str

---

get_number_attribute

def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]

terraform_attribute^Required

• Type: str

---

get_number_list_attribute

def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_number_map_attribute

def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_string_attribute

def get_string_attribute(
  terraform_attribute: str
) -> str

terraform_attribute^Required

• Type: str

---

get_string_map_attribute

def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]

terraform_attribute^Required

• Type: str

---

interpolation_for_attribute

def interpolation_for_attribute(
  property: str
) -> IResolvable

property^Required

• Type: str

---

resolve

def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_context^Required

• Type: cdktf.IResolveContext

---

to_string

def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

Properties

Name	Type	Description
creation_stack	typing.List[str]	The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn	str	No description.
audience_input	str	No description.
role_arn_input	str	No description.
audience	str	No description.
role_arn	str	No description.
internal_value	typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsFederatedWorkloadIdentityA]	No description.

---

creation_stack^Required

creation_stack: typing.List[str]

• Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

---

fqn^Required

fqn: str

• Type: str

---

audience_input^Optional

audience_input: str

• Type: str

---

role_arn_input^Optional

role_arn_input: str

• Type: str

---

audience^Required

audience: str

• Type: str

---

role_arn^Required

role_arn: str

• Type: str

---

internal_value^Optional

internal_value: typing.Union[IResolvable, VaultSecretsIntegrationAwsFederatedWorkloadIdentityA]

• Type: typing.Union[cdktf.IResolvable, VaultSecretsIntegrationAwsFederatedWorkloadIdentityA]

---