hvac · jeffwecan · Feb 5, 2021 · Jan 29, 2021 · Feb 2, 2021
@@ -1623,7 +1623,7 @@ def get_kubernetes_configuration(self, mount_point='kubernetes'):
         return self._adapter.get(url)
 
     def create_kubernetes_role(self, name, bound_service_account_names, bound_service_account_namespaces, ttl="",
-                               max_ttl="", period="", policies=None, mount_point='kubernetes'):
+                               max_ttl="", period="", policies=None, mount_point='kubernetes', token_type=""):
         """POST /auth/<mount_point>/role/:name
 
         :param name: Name of the role.
@@ -1646,6 +1646,7 @@ def create_kubernetes_role(self, name, bound_service_account_names, bound_servic
         :type policies: list.
         :param mount_point: The "path" the k8s auth backend was mounted on. Vault currently defaults to "kubernetes".
         :type mount_point: str.
+        :type token_type: str.
         :return: Will be an empty body with a 204 status code upon success
         :rtype: requests.Response.
         """
@@ -1661,6 +1662,9 @@ def create_kubernetes_role(self, name, bound_service_account_names, bound_servic
             'period': period,
             'policies': policies,
         }
+        if token_type:
+            params['token_type'] = token_type
+
         url = 'v1/auth/{0}/role/{1}'.format(mount_point, name)
         return self._adapter.post(url, json=params)