ldap

package
v3.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 12, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type FullNameMapper 

type FullNameMapper struct {
	pulumi.CustomResourceState

	// The name of the LDAP attribute containing the user's full name.
	LdapFullNameAttribute pulumi.StringOutput `pulumi:"ldapFullNameAttribute"`
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"`
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
	ReadOnly pulumi.BoolPtrOutput `pulumi:"readOnly"`
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
	// When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
	WriteOnly pulumi.BoolPtrOutput `pulumi:"writeOnly"`
}

Allows for creating and managing full name mappers for Keycloak users federated via LDAP.

The LDAP full name mapper can map a user's full name from an LDAP attribute to the first and last name attributes of a Keycloak user.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("entryDN"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("simpleSecurityObject"),
				pulumi.String("organizationalRole"),
			},
			ConnectionUrl:  pulumi.String("ldap://openldap"),
			UsersDn:        pulumi.String("dc=example,dc=org"),
			BindDn:         pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential: pulumi.String("admin"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewFullNameMapper(ctx, "ldapFullNameMapper", &ldap.FullNameMapperArgs{
			RealmId:               realm.ID(),
			LdapUserFederationId:  ldapUserFederation.ID(),
			LdapFullNameAttribute: pulumi.String("cn"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash

```sh 

$ pulumi import keycloak:ldap/fullNameMapper:FullNameMapper ldap_full_name_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67

```

func GetFullNameMapper 

func GetFullNameMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *FullNameMapperState, opts ...pulumi.ResourceOption) (*FullNameMapper, error)

GetFullNameMapper gets an existing FullNameMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFullNameMapper 

func NewFullNameMapper(ctx *pulumi.Context,
	name string, args *FullNameMapperArgs, opts ...pulumi.ResourceOption) (*FullNameMapper, error)

NewFullNameMapper registers a new resource with the given unique name, arguments, and options.

func (*FullNameMapper) ElementType added in v3.1.1 

func (*FullNameMapper) ElementType() reflect.Type

func (*FullNameMapper) ToFullNameMapperOutput added in v3.1.1 

func (i *FullNameMapper) ToFullNameMapperOutput() FullNameMapperOutput

func (*FullNameMapper) ToFullNameMapperOutputWithContext added in v3.1.1 

func (i *FullNameMapper) ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput

func (*FullNameMapper) ToFullNameMapperPtrOutput added in v3.4.1 

func (i *FullNameMapper) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput

func (*FullNameMapper) ToFullNameMapperPtrOutputWithContext added in v3.4.1 

func (i *FullNameMapper) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput

type FullNameMapperArgs 

type FullNameMapperArgs struct {
	// The name of the LDAP attribute containing the user's full name.
	LdapFullNameAttribute pulumi.StringInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
	ReadOnly pulumi.BoolPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringInput
	// When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
	WriteOnly pulumi.BoolPtrInput
}

The set of arguments for constructing a FullNameMapper resource.

func (FullNameMapperArgs) ElementType 

func (FullNameMapperArgs) ElementType() reflect.Type

type FullNameMapperArray added in v3.4.1 

type FullNameMapperArray []FullNameMapperInput

func (FullNameMapperArray) ElementType added in v3.4.1 

func (FullNameMapperArray) ElementType() reflect.Type

func (FullNameMapperArray) ToFullNameMapperArrayOutput added in v3.4.1 

func (i FullNameMapperArray) ToFullNameMapperArrayOutput() FullNameMapperArrayOutput

func (FullNameMapperArray) ToFullNameMapperArrayOutputWithContext added in v3.4.1 

func (i FullNameMapperArray) ToFullNameMapperArrayOutputWithContext(ctx context.Context) FullNameMapperArrayOutput

type FullNameMapperArrayInput added in v3.4.1 

type FullNameMapperArrayInput interface {
	pulumi.Input

	ToFullNameMapperArrayOutput() FullNameMapperArrayOutput
	ToFullNameMapperArrayOutputWithContext(context.Context) FullNameMapperArrayOutput
}

FullNameMapperArrayInput is an input type that accepts FullNameMapperArray and FullNameMapperArrayOutput values. You can construct a concrete instance of `FullNameMapperArrayInput` via: 

FullNameMapperArray{ FullNameMapperArgs{...} }

type FullNameMapperArrayOutput added in v3.4.1 

type FullNameMapperArrayOutput struct{ *pulumi.OutputState }

func (FullNameMapperArrayOutput) ElementType added in v3.4.1 

func (FullNameMapperArrayOutput) ElementType() reflect.Type

func (FullNameMapperArrayOutput) Index added in v3.4.1 

func (o FullNameMapperArrayOutput) Index(i pulumi.IntInput) FullNameMapperOutput

func (FullNameMapperArrayOutput) ToFullNameMapperArrayOutput added in v3.4.1 

func (o FullNameMapperArrayOutput) ToFullNameMapperArrayOutput() FullNameMapperArrayOutput

func (FullNameMapperArrayOutput) ToFullNameMapperArrayOutputWithContext added in v3.4.1 

func (o FullNameMapperArrayOutput) ToFullNameMapperArrayOutputWithContext(ctx context.Context) FullNameMapperArrayOutput

type FullNameMapperInput added in v3.1.1 

type FullNameMapperInput interface {
	pulumi.Input

	ToFullNameMapperOutput() FullNameMapperOutput
	ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput
}

type FullNameMapperMap added in v3.4.1 

type FullNameMapperMap map[string]FullNameMapperInput

func (FullNameMapperMap) ElementType added in v3.4.1 

func (FullNameMapperMap) ElementType() reflect.Type

func (FullNameMapperMap) ToFullNameMapperMapOutput added in v3.4.1 

func (i FullNameMapperMap) ToFullNameMapperMapOutput() FullNameMapperMapOutput

func (FullNameMapperMap) ToFullNameMapperMapOutputWithContext added in v3.4.1 

func (i FullNameMapperMap) ToFullNameMapperMapOutputWithContext(ctx context.Context) FullNameMapperMapOutput

type FullNameMapperMapInput added in v3.4.1 

type FullNameMapperMapInput interface {
	pulumi.Input

	ToFullNameMapperMapOutput() FullNameMapperMapOutput
	ToFullNameMapperMapOutputWithContext(context.Context) FullNameMapperMapOutput
}

FullNameMapperMapInput is an input type that accepts FullNameMapperMap and FullNameMapperMapOutput values. You can construct a concrete instance of `FullNameMapperMapInput` via: 

FullNameMapperMap{ "key": FullNameMapperArgs{...} }

type FullNameMapperMapOutput added in v3.4.1 

type FullNameMapperMapOutput struct{ *pulumi.OutputState }

func (FullNameMapperMapOutput) ElementType added in v3.4.1 

func (FullNameMapperMapOutput) ElementType() reflect.Type

func (FullNameMapperMapOutput) MapIndex added in v3.4.1 

func (o FullNameMapperMapOutput) MapIndex(k pulumi.StringInput) FullNameMapperOutput

func (FullNameMapperMapOutput) ToFullNameMapperMapOutput added in v3.4.1 

func (o FullNameMapperMapOutput) ToFullNameMapperMapOutput() FullNameMapperMapOutput

func (FullNameMapperMapOutput) ToFullNameMapperMapOutputWithContext added in v3.4.1 

func (o FullNameMapperMapOutput) ToFullNameMapperMapOutputWithContext(ctx context.Context) FullNameMapperMapOutput

type FullNameMapperOutput added in v3.1.1 

type FullNameMapperOutput struct {
	*pulumi.OutputState
}

func (FullNameMapperOutput) ElementType added in v3.1.1 

func (FullNameMapperOutput) ElementType() reflect.Type

func (FullNameMapperOutput) ToFullNameMapperOutput added in v3.1.1 

func (o FullNameMapperOutput) ToFullNameMapperOutput() FullNameMapperOutput

func (FullNameMapperOutput) ToFullNameMapperOutputWithContext added in v3.1.1 

func (o FullNameMapperOutput) ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput

func (FullNameMapperOutput) ToFullNameMapperPtrOutput added in v3.4.1 

func (o FullNameMapperOutput) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput

func (FullNameMapperOutput) ToFullNameMapperPtrOutputWithContext added in v3.4.1 

func (o FullNameMapperOutput) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput

type FullNameMapperPtrInput added in v3.4.1 

type FullNameMapperPtrInput interface {
	pulumi.Input

	ToFullNameMapperPtrOutput() FullNameMapperPtrOutput
	ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput
}

type FullNameMapperPtrOutput added in v3.4.1 

type FullNameMapperPtrOutput struct {
	*pulumi.OutputState
}

func (FullNameMapperPtrOutput) ElementType added in v3.4.1 

func (FullNameMapperPtrOutput) ElementType() reflect.Type

func (FullNameMapperPtrOutput) ToFullNameMapperPtrOutput added in v3.4.1 

func (o FullNameMapperPtrOutput) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput

func (FullNameMapperPtrOutput) ToFullNameMapperPtrOutputWithContext added in v3.4.1 

func (o FullNameMapperPtrOutput) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput

type FullNameMapperState 

type FullNameMapperState struct {
	// The name of the LDAP attribute containing the user's full name.
	LdapFullNameAttribute pulumi.StringPtrInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringPtrInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`.
	ReadOnly pulumi.BoolPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringPtrInput
	// When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`.
	WriteOnly pulumi.BoolPtrInput
}

func (FullNameMapperState) ElementType 

func (FullNameMapperState) ElementType() reflect.Type

type GroupMapper 

type GroupMapper struct {
	pulumi.CustomResourceState

	// When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`.
	DropNonExistingGroupsDuringSync pulumi.BoolPtrOutput `pulumi:"dropNonExistingGroupsDuringSync"`
	// The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`.
	GroupNameLdapAttribute pulumi.StringOutput `pulumi:"groupNameLdapAttribute"`
	// List of strings representing the object classes for the group. Must contain at least one.
	GroupObjectClasses pulumi.StringArrayOutput `pulumi:"groupObjectClasses"`
	// When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`.
	GroupsLdapFilter pulumi.StringPtrOutput `pulumi:"groupsLdapFilter"`
	// Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper.
	GroupsPath pulumi.StringOutput `pulumi:"groupsPath"`
	// When `true`, missing groups in the hierarchy will be ignored.
	IgnoreMissingGroups pulumi.BoolPtrOutput `pulumi:"ignoreMissingGroups"`
	// The LDAP DN where groups can be found.
	LdapGroupsDn pulumi.StringOutput `pulumi:"ldapGroupsDn"`
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"`
	// Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group.
	MappedGroupAttributes pulumi.StringArrayOutput `pulumi:"mappedGroupAttributes"`
	// Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`.
	MemberofLdapAttribute pulumi.StringPtrOutput `pulumi:"memberofLdapAttribute"`
	// Can be one of `DN` or `UID`. Defaults to `DN`.
	MembershipAttributeType pulumi.StringPtrOutput `pulumi:"membershipAttributeType"`
	// The name of the LDAP attribute that is used for membership mappings.
	MembershipLdapAttribute pulumi.StringOutput `pulumi:"membershipLdapAttribute"`
	// The name of the LDAP attribute on a user that is used for membership mappings.
	MembershipUserLdapAttribute pulumi.StringOutput `pulumi:"membershipUserLdapAttribute"`
	// Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`.
	Mode pulumi.StringPtrOutput `pulumi:"mode"`
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak.
	PreserveGroupInheritance pulumi.BoolPtrOutput `pulumi:"preserveGroupInheritance"`
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
	// Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`.
	UserRolesRetrieveStrategy pulumi.StringPtrOutput `pulumi:"userRolesRetrieveStrategy"`
}

Allows for creating and managing group mappers for Keycloak users federated via LDAP.

The LDAP group mapper can be used to map an LDAP user's groups from some DN to Keycloak groups. This group mapper will also create the groups within Keycloak if they do not already exist.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("entryDN"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("simpleSecurityObject"),
				pulumi.String("organizationalRole"),
			},
			ConnectionUrl:  pulumi.String("ldap://openldap"),
			UsersDn:        pulumi.String("dc=example,dc=org"),
			BindDn:         pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential: pulumi.String("admin"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewGroupMapper(ctx, "ldapGroupMapper", &ldap.GroupMapperArgs{
			RealmId:                realm.ID(),
			LdapUserFederationId:   ldapUserFederation.ID(),
			LdapGroupsDn:           pulumi.String("dc=example,dc=org"),
			GroupNameLdapAttribute: pulumi.String("cn"),
			GroupObjectClasses: pulumi.StringArray{
				pulumi.String("groupOfNames"),
			},
			MembershipAttributeType:     pulumi.String("DN"),
			MembershipLdapAttribute:     pulumi.String("member"),
			MembershipUserLdapAttribute: pulumi.String("cn"),
			MemberofLdapAttribute:       pulumi.String("memberOf"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash

```sh 

$ pulumi import keycloak:ldap/groupMapper:GroupMapper ldap_group_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67

```

func GetGroupMapper 

func GetGroupMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupMapperState, opts ...pulumi.ResourceOption) (*GroupMapper, error)

GetGroupMapper gets an existing GroupMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupMapper 

func NewGroupMapper(ctx *pulumi.Context,
	name string, args *GroupMapperArgs, opts ...pulumi.ResourceOption) (*GroupMapper, error)

NewGroupMapper registers a new resource with the given unique name, arguments, and options.

func (*GroupMapper) ElementType added in v3.1.1 

func (*GroupMapper) ElementType() reflect.Type

func (*GroupMapper) ToGroupMapperOutput added in v3.1.1 

func (i *GroupMapper) ToGroupMapperOutput() GroupMapperOutput

func (*GroupMapper) ToGroupMapperOutputWithContext added in v3.1.1 

func (i *GroupMapper) ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput

func (*GroupMapper) ToGroupMapperPtrOutput added in v3.4.1 

func (i *GroupMapper) ToGroupMapperPtrOutput() GroupMapperPtrOutput

func (*GroupMapper) ToGroupMapperPtrOutputWithContext added in v3.4.1 

func (i *GroupMapper) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput

type GroupMapperArgs 

type GroupMapperArgs struct {
	// When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`.
	DropNonExistingGroupsDuringSync pulumi.BoolPtrInput
	// The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`.
	GroupNameLdapAttribute pulumi.StringInput
	// List of strings representing the object classes for the group. Must contain at least one.
	GroupObjectClasses pulumi.StringArrayInput
	// When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`.
	GroupsLdapFilter pulumi.StringPtrInput
	// Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper.
	GroupsPath pulumi.StringPtrInput
	// When `true`, missing groups in the hierarchy will be ignored.
	IgnoreMissingGroups pulumi.BoolPtrInput
	// The LDAP DN where groups can be found.
	LdapGroupsDn pulumi.StringInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringInput
	// Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group.
	MappedGroupAttributes pulumi.StringArrayInput
	// Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`.
	MemberofLdapAttribute pulumi.StringPtrInput
	// Can be one of `DN` or `UID`. Defaults to `DN`.
	MembershipAttributeType pulumi.StringPtrInput
	// The name of the LDAP attribute that is used for membership mappings.
	MembershipLdapAttribute pulumi.StringInput
	// The name of the LDAP attribute on a user that is used for membership mappings.
	MembershipUserLdapAttribute pulumi.StringInput
	// Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`.
	Mode pulumi.StringPtrInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak.
	PreserveGroupInheritance pulumi.BoolPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringInput
	// Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`.
	UserRolesRetrieveStrategy pulumi.StringPtrInput
}

The set of arguments for constructing a GroupMapper resource.

func (GroupMapperArgs) ElementType 

func (GroupMapperArgs) ElementType() reflect.Type

type GroupMapperArray added in v3.4.1 

type GroupMapperArray []GroupMapperInput

func (GroupMapperArray) ElementType added in v3.4.1 

func (GroupMapperArray) ElementType() reflect.Type

func (GroupMapperArray) ToGroupMapperArrayOutput added in v3.4.1 

func (i GroupMapperArray) ToGroupMapperArrayOutput() GroupMapperArrayOutput

func (GroupMapperArray) ToGroupMapperArrayOutputWithContext added in v3.4.1 

func (i GroupMapperArray) ToGroupMapperArrayOutputWithContext(ctx context.Context) GroupMapperArrayOutput

type GroupMapperArrayInput added in v3.4.1 

type GroupMapperArrayInput interface {
	pulumi.Input

	ToGroupMapperArrayOutput() GroupMapperArrayOutput
	ToGroupMapperArrayOutputWithContext(context.Context) GroupMapperArrayOutput
}

GroupMapperArrayInput is an input type that accepts GroupMapperArray and GroupMapperArrayOutput values. You can construct a concrete instance of `GroupMapperArrayInput` via: 

GroupMapperArray{ GroupMapperArgs{...} }

type GroupMapperArrayOutput added in v3.4.1 

type GroupMapperArrayOutput struct{ *pulumi.OutputState }

func (GroupMapperArrayOutput) ElementType added in v3.4.1 

func (GroupMapperArrayOutput) ElementType() reflect.Type

func (GroupMapperArrayOutput) Index added in v3.4.1 

func (o GroupMapperArrayOutput) Index(i pulumi.IntInput) GroupMapperOutput

func (GroupMapperArrayOutput) ToGroupMapperArrayOutput added in v3.4.1 

func (o GroupMapperArrayOutput) ToGroupMapperArrayOutput() GroupMapperArrayOutput

func (GroupMapperArrayOutput) ToGroupMapperArrayOutputWithContext added in v3.4.1 

func (o GroupMapperArrayOutput) ToGroupMapperArrayOutputWithContext(ctx context.Context) GroupMapperArrayOutput

type GroupMapperInput added in v3.1.1 

type GroupMapperInput interface {
	pulumi.Input

	ToGroupMapperOutput() GroupMapperOutput
	ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput
}

type GroupMapperMap added in v3.4.1 

type GroupMapperMap map[string]GroupMapperInput

func (GroupMapperMap) ElementType added in v3.4.1 

func (GroupMapperMap) ElementType() reflect.Type

func (GroupMapperMap) ToGroupMapperMapOutput added in v3.4.1 

func (i GroupMapperMap) ToGroupMapperMapOutput() GroupMapperMapOutput

func (GroupMapperMap) ToGroupMapperMapOutputWithContext added in v3.4.1 

func (i GroupMapperMap) ToGroupMapperMapOutputWithContext(ctx context.Context) GroupMapperMapOutput

type GroupMapperMapInput added in v3.4.1 

type GroupMapperMapInput interface {
	pulumi.Input

	ToGroupMapperMapOutput() GroupMapperMapOutput
	ToGroupMapperMapOutputWithContext(context.Context) GroupMapperMapOutput
}

GroupMapperMapInput is an input type that accepts GroupMapperMap and GroupMapperMapOutput values. You can construct a concrete instance of `GroupMapperMapInput` via: 

GroupMapperMap{ "key": GroupMapperArgs{...} }

type GroupMapperMapOutput added in v3.4.1 

type GroupMapperMapOutput struct{ *pulumi.OutputState }

func (GroupMapperMapOutput) ElementType added in v3.4.1 

func (GroupMapperMapOutput) ElementType() reflect.Type

func (GroupMapperMapOutput) MapIndex added in v3.4.1 

func (o GroupMapperMapOutput) MapIndex(k pulumi.StringInput) GroupMapperOutput

func (GroupMapperMapOutput) ToGroupMapperMapOutput added in v3.4.1 

func (o GroupMapperMapOutput) ToGroupMapperMapOutput() GroupMapperMapOutput

func (GroupMapperMapOutput) ToGroupMapperMapOutputWithContext added in v3.4.1 

func (o GroupMapperMapOutput) ToGroupMapperMapOutputWithContext(ctx context.Context) GroupMapperMapOutput

type GroupMapperOutput added in v3.1.1 

type GroupMapperOutput struct {
	*pulumi.OutputState
}

func (GroupMapperOutput) ElementType added in v3.1.1 

func (GroupMapperOutput) ElementType() reflect.Type

func (GroupMapperOutput) ToGroupMapperOutput added in v3.1.1 

func (o GroupMapperOutput) ToGroupMapperOutput() GroupMapperOutput

func (GroupMapperOutput) ToGroupMapperOutputWithContext added in v3.1.1 

func (o GroupMapperOutput) ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput

func (GroupMapperOutput) ToGroupMapperPtrOutput added in v3.4.1 

func (o GroupMapperOutput) ToGroupMapperPtrOutput() GroupMapperPtrOutput

func (GroupMapperOutput) ToGroupMapperPtrOutputWithContext added in v3.4.1 

func (o GroupMapperOutput) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput

type GroupMapperPtrInput added in v3.4.1 

type GroupMapperPtrInput interface {
	pulumi.Input

	ToGroupMapperPtrOutput() GroupMapperPtrOutput
	ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput
}

type GroupMapperPtrOutput added in v3.4.1 

type GroupMapperPtrOutput struct {
	*pulumi.OutputState
}

func (GroupMapperPtrOutput) ElementType added in v3.4.1 

func (GroupMapperPtrOutput) ElementType() reflect.Type

func (GroupMapperPtrOutput) ToGroupMapperPtrOutput added in v3.4.1 

func (o GroupMapperPtrOutput) ToGroupMapperPtrOutput() GroupMapperPtrOutput

func (GroupMapperPtrOutput) ToGroupMapperPtrOutputWithContext added in v3.4.1 

func (o GroupMapperPtrOutput) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput

type GroupMapperState 

type GroupMapperState struct {
	// When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`.
	DropNonExistingGroupsDuringSync pulumi.BoolPtrInput
	// The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`.
	GroupNameLdapAttribute pulumi.StringPtrInput
	// List of strings representing the object classes for the group. Must contain at least one.
	GroupObjectClasses pulumi.StringArrayInput
	// When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`.
	GroupsLdapFilter pulumi.StringPtrInput
	// Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper.
	GroupsPath pulumi.StringPtrInput
	// When `true`, missing groups in the hierarchy will be ignored.
	IgnoreMissingGroups pulumi.BoolPtrInput
	// The LDAP DN where groups can be found.
	LdapGroupsDn pulumi.StringPtrInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringPtrInput
	// Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group.
	MappedGroupAttributes pulumi.StringArrayInput
	// Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`.
	MemberofLdapAttribute pulumi.StringPtrInput
	// Can be one of `DN` or `UID`. Defaults to `DN`.
	MembershipAttributeType pulumi.StringPtrInput
	// The name of the LDAP attribute that is used for membership mappings.
	MembershipLdapAttribute pulumi.StringPtrInput
	// The name of the LDAP attribute on a user that is used for membership mappings.
	MembershipUserLdapAttribute pulumi.StringPtrInput
	// Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`.
	Mode pulumi.StringPtrInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak.
	PreserveGroupInheritance pulumi.BoolPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringPtrInput
	// Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`.
	UserRolesRetrieveStrategy pulumi.StringPtrInput
}

func (GroupMapperState) ElementType 

func (GroupMapperState) ElementType() reflect.Type

type HardcodedGroupMapper 

type HardcodedGroupMapper struct {
	pulumi.CustomResourceState

	// Group to grant to user.
	Group pulumi.StringOutput `pulumi:"group"`
	// The ldap user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"`
	// Display name of the mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// The realm in which the ldap user federation provider exists.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
}

func GetHardcodedGroupMapper 

func GetHardcodedGroupMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *HardcodedGroupMapperState, opts ...pulumi.ResourceOption) (*HardcodedGroupMapper, error)

GetHardcodedGroupMapper gets an existing HardcodedGroupMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewHardcodedGroupMapper 

func NewHardcodedGroupMapper(ctx *pulumi.Context,
	name string, args *HardcodedGroupMapperArgs, opts ...pulumi.ResourceOption) (*HardcodedGroupMapper, error)

NewHardcodedGroupMapper registers a new resource with the given unique name, arguments, and options.

func (*HardcodedGroupMapper) ElementType added in v3.1.1 

func (*HardcodedGroupMapper) ElementType() reflect.Type

func (*HardcodedGroupMapper) ToHardcodedGroupMapperOutput added in v3.1.1 

func (i *HardcodedGroupMapper) ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput

func (*HardcodedGroupMapper) ToHardcodedGroupMapperOutputWithContext added in v3.1.1 

func (i *HardcodedGroupMapper) ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput

func (*HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutput added in v3.4.1 

func (i *HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput

func (*HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutputWithContext added in v3.4.1 

func (i *HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput

type HardcodedGroupMapperArgs 

type HardcodedGroupMapperArgs struct {
	// Group to grant to user.
	Group pulumi.StringInput
	// The ldap user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringInput
	// Display name of the mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm in which the ldap user federation provider exists.
	RealmId pulumi.StringInput
}

The set of arguments for constructing a HardcodedGroupMapper resource.

func (HardcodedGroupMapperArgs) ElementType 

func (HardcodedGroupMapperArgs) ElementType() reflect.Type

type HardcodedGroupMapperArray added in v3.4.1 

type HardcodedGroupMapperArray []HardcodedGroupMapperInput

func (HardcodedGroupMapperArray) ElementType added in v3.4.1 

func (HardcodedGroupMapperArray) ElementType() reflect.Type

func (HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutput added in v3.4.1 

func (i HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutput() HardcodedGroupMapperArrayOutput

func (HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutputWithContext added in v3.4.1 

func (i HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutputWithContext(ctx context.Context) HardcodedGroupMapperArrayOutput

type HardcodedGroupMapperArrayInput added in v3.4.1 

type HardcodedGroupMapperArrayInput interface {
	pulumi.Input

	ToHardcodedGroupMapperArrayOutput() HardcodedGroupMapperArrayOutput
	ToHardcodedGroupMapperArrayOutputWithContext(context.Context) HardcodedGroupMapperArrayOutput
}

HardcodedGroupMapperArrayInput is an input type that accepts HardcodedGroupMapperArray and HardcodedGroupMapperArrayOutput values. You can construct a concrete instance of `HardcodedGroupMapperArrayInput` via: 

HardcodedGroupMapperArray{ HardcodedGroupMapperArgs{...} }

type HardcodedGroupMapperArrayOutput added in v3.4.1 

type HardcodedGroupMapperArrayOutput struct{ *pulumi.OutputState }

func (HardcodedGroupMapperArrayOutput) ElementType added in v3.4.1 

func (HardcodedGroupMapperArrayOutput) ElementType() reflect.Type

func (HardcodedGroupMapperArrayOutput) Index added in v3.4.1 

func (o HardcodedGroupMapperArrayOutput) Index(i pulumi.IntInput) HardcodedGroupMapperOutput

func (HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutput added in v3.4.1 

func (o HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutput() HardcodedGroupMapperArrayOutput

func (HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutputWithContext added in v3.4.1 

func (o HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutputWithContext(ctx context.Context) HardcodedGroupMapperArrayOutput

type HardcodedGroupMapperInput added in v3.1.1 

type HardcodedGroupMapperInput interface {
	pulumi.Input

	ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput
	ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput
}

type HardcodedGroupMapperMap added in v3.4.1 

type HardcodedGroupMapperMap map[string]HardcodedGroupMapperInput

func (HardcodedGroupMapperMap) ElementType added in v3.4.1 

func (HardcodedGroupMapperMap) ElementType() reflect.Type

func (HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutput added in v3.4.1 

func (i HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutput() HardcodedGroupMapperMapOutput

func (HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutputWithContext added in v3.4.1 

func (i HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutputWithContext(ctx context.Context) HardcodedGroupMapperMapOutput

type HardcodedGroupMapperMapInput added in v3.4.1 

type HardcodedGroupMapperMapInput interface {
	pulumi.Input

	ToHardcodedGroupMapperMapOutput() HardcodedGroupMapperMapOutput
	ToHardcodedGroupMapperMapOutputWithContext(context.Context) HardcodedGroupMapperMapOutput
}

HardcodedGroupMapperMapInput is an input type that accepts HardcodedGroupMapperMap and HardcodedGroupMapperMapOutput values. You can construct a concrete instance of `HardcodedGroupMapperMapInput` via: 

HardcodedGroupMapperMap{ "key": HardcodedGroupMapperArgs{...} }

type HardcodedGroupMapperMapOutput added in v3.4.1 

type HardcodedGroupMapperMapOutput struct{ *pulumi.OutputState }

func (HardcodedGroupMapperMapOutput) ElementType added in v3.4.1 

func (HardcodedGroupMapperMapOutput) ElementType() reflect.Type

func (HardcodedGroupMapperMapOutput) MapIndex added in v3.4.1 

func (o HardcodedGroupMapperMapOutput) MapIndex(k pulumi.StringInput) HardcodedGroupMapperOutput

func (HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutput added in v3.4.1 

func (o HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutput() HardcodedGroupMapperMapOutput

func (HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutputWithContext added in v3.4.1 

func (o HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutputWithContext(ctx context.Context) HardcodedGroupMapperMapOutput

type HardcodedGroupMapperOutput added in v3.1.1 

type HardcodedGroupMapperOutput struct {
	*pulumi.OutputState
}

func (HardcodedGroupMapperOutput) ElementType added in v3.1.1 

func (HardcodedGroupMapperOutput) ElementType() reflect.Type

func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutput added in v3.1.1 

func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput

func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutputWithContext added in v3.1.1 

func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput

func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutput added in v3.4.1 

func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput

func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutputWithContext added in v3.4.1 

func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput

type HardcodedGroupMapperPtrInput added in v3.4.1 

type HardcodedGroupMapperPtrInput interface {
	pulumi.Input

	ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput
	ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput
}

type HardcodedGroupMapperPtrOutput added in v3.4.1 

type HardcodedGroupMapperPtrOutput struct {
	*pulumi.OutputState
}

func (HardcodedGroupMapperPtrOutput) ElementType added in v3.4.1 

func (HardcodedGroupMapperPtrOutput) ElementType() reflect.Type

func (HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutput added in v3.4.1 

func (o HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput

func (HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutputWithContext added in v3.4.1 

func (o HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput

type HardcodedGroupMapperState 

type HardcodedGroupMapperState struct {
	// Group to grant to user.
	Group pulumi.StringPtrInput
	// The ldap user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringPtrInput
	// Display name of the mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm in which the ldap user federation provider exists.
	RealmId pulumi.StringPtrInput
}

func (HardcodedGroupMapperState) ElementType 

func (HardcodedGroupMapperState) ElementType() reflect.Type

type HardcodedRoleMapper 

type HardcodedRoleMapper struct {
	pulumi.CustomResourceState

	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"`
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
	// The name of the role which should be assigned to the users. Client roles should use the format `{{client_id}}.{{client_role_name}}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Allows for creating and managing hardcoded role mappers for Keycloak users federated via LDAP.

The LDAP hardcoded role mapper will grant a specified Keycloak role to each Keycloak user linked with LDAP.

## Example Usage ### Realm Role)

```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("entryDN"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("simpleSecurityObject"),
				pulumi.String("organizationalRole"),
			},
			ConnectionUrl:  pulumi.String("ldap://openldap"),
			UsersDn:        pulumi.String("dc=example,dc=org"),
			BindDn:         pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential: pulumi.String("admin"),
		})
		if err != nil {
			return err
		}
		realmAdminRole, err := keycloak.NewRole(ctx, "realmAdminRole", &keycloak.RoleArgs{
			RealmId:     realm.ID(),
			Description: pulumi.String("My Realm Role"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewHardcodedRoleMapper(ctx, "assignAdminRoleToAllUsers", &ldap.HardcodedRoleMapperArgs{
			RealmId:              realm.ID(),
			LdapUserFederationId: ldapUserFederation.ID(),
			Role:                 realmAdminRole.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Client Role)

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/openid"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("entryDN"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("simpleSecurityObject"),
				pulumi.String("organizationalRole"),
			},
			ConnectionUrl:  pulumi.String("ldap://openldap"),
			UsersDn:        pulumi.String("dc=example,dc=org"),
			BindDn:         pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential: pulumi.String("admin"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewHardcodedRoleMapper(ctx, "assignAdminRoleToAllUsers", &ldap.HardcodedRoleMapperArgs{
			RealmId:              realm.ID(),
			LdapUserFederationId: ldapUserFederation.ID(),
			Role: pulumi.All(realmManagement, createClient).ApplyT(func(_args []interface{}) (string, error) {
				realmManagement := _args[0].(openid.LookupClientResult)
				createClient := _args[1].(keycloak.LookupRoleResult)
				return fmt.Sprintf("%v%v%v", realmManagement.ClientId, ".", createClient.Name), nil
			}).(pulumi.StringOutput),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash

```sh 

$ pulumi import keycloak:ldap/hardcodedRoleMapper:HardcodedRoleMapper assign_admin_role_to_all_users my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67

```

func GetHardcodedRoleMapper 

func GetHardcodedRoleMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *HardcodedRoleMapperState, opts ...pulumi.ResourceOption) (*HardcodedRoleMapper, error)

GetHardcodedRoleMapper gets an existing HardcodedRoleMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewHardcodedRoleMapper 

func NewHardcodedRoleMapper(ctx *pulumi.Context,
	name string, args *HardcodedRoleMapperArgs, opts ...pulumi.ResourceOption) (*HardcodedRoleMapper, error)

NewHardcodedRoleMapper registers a new resource with the given unique name, arguments, and options.

func (*HardcodedRoleMapper) ElementType added in v3.1.1 

func (*HardcodedRoleMapper) ElementType() reflect.Type

func (*HardcodedRoleMapper) ToHardcodedRoleMapperOutput added in v3.1.1 

func (i *HardcodedRoleMapper) ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput

func (*HardcodedRoleMapper) ToHardcodedRoleMapperOutputWithContext added in v3.1.1 

func (i *HardcodedRoleMapper) ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput

func (*HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutput added in v3.4.1 

func (i *HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput

func (*HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutputWithContext added in v3.4.1 

func (i *HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput

type HardcodedRoleMapperArgs 

type HardcodedRoleMapperArgs struct {
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringInput
	// The name of the role which should be assigned to the users. Client roles should use the format `{{client_id}}.{{client_role_name}}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a HardcodedRoleMapper resource.

func (HardcodedRoleMapperArgs) ElementType 

func (HardcodedRoleMapperArgs) ElementType() reflect.Type

type HardcodedRoleMapperArray added in v3.4.1 

type HardcodedRoleMapperArray []HardcodedRoleMapperInput

func (HardcodedRoleMapperArray) ElementType added in v3.4.1 

func (HardcodedRoleMapperArray) ElementType() reflect.Type

func (HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutput added in v3.4.1 

func (i HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutput() HardcodedRoleMapperArrayOutput

func (HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutputWithContext added in v3.4.1 

func (i HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutputWithContext(ctx context.Context) HardcodedRoleMapperArrayOutput

type HardcodedRoleMapperArrayInput added in v3.4.1 

type HardcodedRoleMapperArrayInput interface {
	pulumi.Input

	ToHardcodedRoleMapperArrayOutput() HardcodedRoleMapperArrayOutput
	ToHardcodedRoleMapperArrayOutputWithContext(context.Context) HardcodedRoleMapperArrayOutput
}

HardcodedRoleMapperArrayInput is an input type that accepts HardcodedRoleMapperArray and HardcodedRoleMapperArrayOutput values. You can construct a concrete instance of `HardcodedRoleMapperArrayInput` via: 

HardcodedRoleMapperArray{ HardcodedRoleMapperArgs{...} }

type HardcodedRoleMapperArrayOutput added in v3.4.1 

type HardcodedRoleMapperArrayOutput struct{ *pulumi.OutputState }

func (HardcodedRoleMapperArrayOutput) ElementType added in v3.4.1 

func (HardcodedRoleMapperArrayOutput) ElementType() reflect.Type

func (HardcodedRoleMapperArrayOutput) Index added in v3.4.1 

func (o HardcodedRoleMapperArrayOutput) Index(i pulumi.IntInput) HardcodedRoleMapperOutput

func (HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutput added in v3.4.1 

func (o HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutput() HardcodedRoleMapperArrayOutput

func (HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutputWithContext added in v3.4.1 

func (o HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutputWithContext(ctx context.Context) HardcodedRoleMapperArrayOutput

type HardcodedRoleMapperInput added in v3.1.1 

type HardcodedRoleMapperInput interface {
	pulumi.Input

	ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput
	ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput
}

type HardcodedRoleMapperMap added in v3.4.1 

type HardcodedRoleMapperMap map[string]HardcodedRoleMapperInput

func (HardcodedRoleMapperMap) ElementType added in v3.4.1 

func (HardcodedRoleMapperMap) ElementType() reflect.Type

func (HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutput added in v3.4.1 

func (i HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutput() HardcodedRoleMapperMapOutput

func (HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutputWithContext added in v3.4.1 

func (i HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutputWithContext(ctx context.Context) HardcodedRoleMapperMapOutput

type HardcodedRoleMapperMapInput added in v3.4.1 

type HardcodedRoleMapperMapInput interface {
	pulumi.Input

	ToHardcodedRoleMapperMapOutput() HardcodedRoleMapperMapOutput
	ToHardcodedRoleMapperMapOutputWithContext(context.Context) HardcodedRoleMapperMapOutput
}

HardcodedRoleMapperMapInput is an input type that accepts HardcodedRoleMapperMap and HardcodedRoleMapperMapOutput values. You can construct a concrete instance of `HardcodedRoleMapperMapInput` via: 

HardcodedRoleMapperMap{ "key": HardcodedRoleMapperArgs{...} }

type HardcodedRoleMapperMapOutput added in v3.4.1 

type HardcodedRoleMapperMapOutput struct{ *pulumi.OutputState }

func (HardcodedRoleMapperMapOutput) ElementType added in v3.4.1 

func (HardcodedRoleMapperMapOutput) ElementType() reflect.Type

func (HardcodedRoleMapperMapOutput) MapIndex added in v3.4.1 

func (o HardcodedRoleMapperMapOutput) MapIndex(k pulumi.StringInput) HardcodedRoleMapperOutput

func (HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutput added in v3.4.1 

func (o HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutput() HardcodedRoleMapperMapOutput

func (HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutputWithContext added in v3.4.1 

func (o HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutputWithContext(ctx context.Context) HardcodedRoleMapperMapOutput

type HardcodedRoleMapperOutput added in v3.1.1 

type HardcodedRoleMapperOutput struct {
	*pulumi.OutputState
}

func (HardcodedRoleMapperOutput) ElementType added in v3.1.1 

func (HardcodedRoleMapperOutput) ElementType() reflect.Type

func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutput added in v3.1.1 

func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput

func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutputWithContext added in v3.1.1 

func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput

func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutput added in v3.4.1 

func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput

func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutputWithContext added in v3.4.1 

func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput

type HardcodedRoleMapperPtrInput added in v3.4.1 

type HardcodedRoleMapperPtrInput interface {
	pulumi.Input

	ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput
	ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput
}

type HardcodedRoleMapperPtrOutput added in v3.4.1 

type HardcodedRoleMapperPtrOutput struct {
	*pulumi.OutputState
}

func (HardcodedRoleMapperPtrOutput) ElementType added in v3.4.1 

func (HardcodedRoleMapperPtrOutput) ElementType() reflect.Type

func (HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutput added in v3.4.1 

func (o HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput

func (HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutputWithContext added in v3.4.1 

func (o HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput

type HardcodedRoleMapperState 

type HardcodedRoleMapperState struct {
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringPtrInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringPtrInput
	// The name of the role which should be assigned to the users. Client roles should use the format `{{client_id}}.{{client_role_name}}`.
	Role pulumi.StringPtrInput
}

func (HardcodedRoleMapperState) ElementType 

func (HardcodedRoleMapperState) ElementType() reflect.Type

type MsadLdsUserAccountControlMapper 

type MsadLdsUserAccountControlMapper struct {
	pulumi.CustomResourceState

	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"`
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
}

Allows for creating and managing MSAD-LDS user account control mappers for Keycloak users federated via LDAP.

The MSAD-LDS (Microsoft Active Directory Lightweight Directory Service) user account control mapper is specific to LDAP user federation providers that are pulling from AD-LDS, and it can propagate AD-LDS user state to Keycloak in order to enforce settings like expired passwords or disabled accounts.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("objectGUID"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("person"),
				pulumi.String("organizationalPerson"),
				pulumi.String("user"),
			},
			ConnectionUrl:  pulumi.String("ldap://my-ad-server"),
			UsersDn:        pulumi.String("dc=example,dc=org"),
			BindDn:         pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential: pulumi.String("admin"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewMsadLdsUserAccountControlMapper(ctx, "msadLdsUserAccountControlMapper", &ldap.MsadLdsUserAccountControlMapperArgs{
			RealmId:              realm.ID(),
			LdapUserFederationId: ldapUserFederation.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash

```sh 

$ pulumi import keycloak:ldap/msadLdsUserAccountControlMapper:MsadLdsUserAccountControlMapper msad_lds_user_account_control_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67

```

func GetMsadLdsUserAccountControlMapper 

func GetMsadLdsUserAccountControlMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MsadLdsUserAccountControlMapperState, opts ...pulumi.ResourceOption) (*MsadLdsUserAccountControlMapper, error)

GetMsadLdsUserAccountControlMapper gets an existing MsadLdsUserAccountControlMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMsadLdsUserAccountControlMapper 

func NewMsadLdsUserAccountControlMapper(ctx *pulumi.Context,
	name string, args *MsadLdsUserAccountControlMapperArgs, opts ...pulumi.ResourceOption) (*MsadLdsUserAccountControlMapper, error)

NewMsadLdsUserAccountControlMapper registers a new resource with the given unique name, arguments, and options.

func (*MsadLdsUserAccountControlMapper) ElementType added in v3.1.1 

func (*MsadLdsUserAccountControlMapper) ElementType() reflect.Type

func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutput added in v3.1.1 

func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput

func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutputWithContext added in v3.1.1 

func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput

func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutput added in v3.4.1 

func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput

func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutputWithContext added in v3.4.1 

func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput

type MsadLdsUserAccountControlMapperArgs 

type MsadLdsUserAccountControlMapperArgs struct {
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringInput
}

The set of arguments for constructing a MsadLdsUserAccountControlMapper resource.

func (MsadLdsUserAccountControlMapperArgs) ElementType 

func (MsadLdsUserAccountControlMapperArgs) ElementType() reflect.Type

type MsadLdsUserAccountControlMapperArray added in v3.4.1 

type MsadLdsUserAccountControlMapperArray []MsadLdsUserAccountControlMapperInput

func (MsadLdsUserAccountControlMapperArray) ElementType added in v3.4.1 

func (MsadLdsUserAccountControlMapperArray) ElementType() reflect.Type

func (MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutput added in v3.4.1 

func (i MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput

func (MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutputWithContext added in v3.4.1 

func (i MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperArrayOutput

type MsadLdsUserAccountControlMapperArrayInput added in v3.4.1 

type MsadLdsUserAccountControlMapperArrayInput interface {
	pulumi.Input

	ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput
	ToMsadLdsUserAccountControlMapperArrayOutputWithContext(context.Context) MsadLdsUserAccountControlMapperArrayOutput
}

MsadLdsUserAccountControlMapperArrayInput is an input type that accepts MsadLdsUserAccountControlMapperArray and MsadLdsUserAccountControlMapperArrayOutput values. You can construct a concrete instance of `MsadLdsUserAccountControlMapperArrayInput` via: 

MsadLdsUserAccountControlMapperArray{ MsadLdsUserAccountControlMapperArgs{...} }

type MsadLdsUserAccountControlMapperArrayOutput added in v3.4.1 

type MsadLdsUserAccountControlMapperArrayOutput struct{ *pulumi.OutputState }

func (MsadLdsUserAccountControlMapperArrayOutput) ElementType added in v3.4.1 

func (MsadLdsUserAccountControlMapperArrayOutput) ElementType() reflect.Type

func (MsadLdsUserAccountControlMapperArrayOutput) Index added in v3.4.1 

func (o MsadLdsUserAccountControlMapperArrayOutput) Index(i pulumi.IntInput) MsadLdsUserAccountControlMapperOutput

func (MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutput added in v3.4.1 

func (o MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput

func (MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutputWithContext added in v3.4.1 

func (o MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperArrayOutput

type MsadLdsUserAccountControlMapperInput added in v3.1.1 

type MsadLdsUserAccountControlMapperInput interface {
	pulumi.Input

	ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput
	ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput
}

type MsadLdsUserAccountControlMapperMap added in v3.4.1 

type MsadLdsUserAccountControlMapperMap map[string]MsadLdsUserAccountControlMapperInput

func (MsadLdsUserAccountControlMapperMap) ElementType added in v3.4.1 

func (MsadLdsUserAccountControlMapperMap) ElementType() reflect.Type

func (MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutput added in v3.4.1 

func (i MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput

func (MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutputWithContext added in v3.4.1 

func (i MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperMapOutput

type MsadLdsUserAccountControlMapperMapInput added in v3.4.1 

type MsadLdsUserAccountControlMapperMapInput interface {
	pulumi.Input

	ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput
	ToMsadLdsUserAccountControlMapperMapOutputWithContext(context.Context) MsadLdsUserAccountControlMapperMapOutput
}

MsadLdsUserAccountControlMapperMapInput is an input type that accepts MsadLdsUserAccountControlMapperMap and MsadLdsUserAccountControlMapperMapOutput values. You can construct a concrete instance of `MsadLdsUserAccountControlMapperMapInput` via: 

MsadLdsUserAccountControlMapperMap{ "key": MsadLdsUserAccountControlMapperArgs{...} }

type MsadLdsUserAccountControlMapperMapOutput added in v3.4.1 

type MsadLdsUserAccountControlMapperMapOutput struct{ *pulumi.OutputState }

func (MsadLdsUserAccountControlMapperMapOutput) ElementType added in v3.4.1 

func (MsadLdsUserAccountControlMapperMapOutput) ElementType() reflect.Type

func (MsadLdsUserAccountControlMapperMapOutput) MapIndex added in v3.4.1 

func (o MsadLdsUserAccountControlMapperMapOutput) MapIndex(k pulumi.StringInput) MsadLdsUserAccountControlMapperOutput

func (MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutput added in v3.4.1 

func (o MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput

func (MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutputWithContext added in v3.4.1 

func (o MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperMapOutput

type MsadLdsUserAccountControlMapperOutput added in v3.1.1 

type MsadLdsUserAccountControlMapperOutput struct {
	*pulumi.OutputState
}

func (MsadLdsUserAccountControlMapperOutput) ElementType added in v3.1.1 

func (MsadLdsUserAccountControlMapperOutput) ElementType() reflect.Type

func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutput added in v3.1.1 

func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput

func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutputWithContext added in v3.1.1 

func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput

func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutput added in v3.4.1 

func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput

func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext added in v3.4.1 

func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput

type MsadLdsUserAccountControlMapperPtrInput added in v3.4.1 

type MsadLdsUserAccountControlMapperPtrInput interface {
	pulumi.Input

	ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput
	ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput
}

type MsadLdsUserAccountControlMapperPtrOutput added in v3.4.1 

type MsadLdsUserAccountControlMapperPtrOutput struct {
	*pulumi.OutputState
}

func (MsadLdsUserAccountControlMapperPtrOutput) ElementType added in v3.4.1 

func (MsadLdsUserAccountControlMapperPtrOutput) ElementType() reflect.Type

func (MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutput added in v3.4.1 

func (o MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput

func (MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext added in v3.4.1 

func (o MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput

type MsadLdsUserAccountControlMapperState 

type MsadLdsUserAccountControlMapperState struct {
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringPtrInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringPtrInput
}

func (MsadLdsUserAccountControlMapperState) ElementType 

func (MsadLdsUserAccountControlMapperState) ElementType() reflect.Type

type MsadUserAccountControlMapper 

type MsadUserAccountControlMapper struct {
	pulumi.CustomResourceState

	// When `true`, advanced password policies, such as password hints and previous password history will be used when writing new passwords to AD. Defaults to `false`.
	LdapPasswordPolicyHintsEnabled pulumi.BoolPtrOutput `pulumi:"ldapPasswordPolicyHintsEnabled"`
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"`
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
}

Allows for creating and managing MSAD user account control mappers for Keycloak users federated via LDAP.

The MSAD (Microsoft Active Directory) user account control mapper is specific to LDAP user federation providers that are pulling from AD, and it can propagate AD user state to Keycloak in order to enforce settings like expired passwords or disabled accounts.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("objectGUID"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("person"),
				pulumi.String("organizationalPerson"),
				pulumi.String("user"),
			},
			ConnectionUrl:  pulumi.String("ldap://my-ad-server"),
			UsersDn:        pulumi.String("dc=example,dc=org"),
			BindDn:         pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential: pulumi.String("admin"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewMsadUserAccountControlMapper(ctx, "msadUserAccountControlMapper", &ldap.MsadUserAccountControlMapperArgs{
			RealmId:              realm.ID(),
			LdapUserFederationId: ldapUserFederation.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash

```sh 

$ pulumi import keycloak:ldap/msadUserAccountControlMapper:MsadUserAccountControlMapper msad_user_account_control_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67

```

func GetMsadUserAccountControlMapper 

func GetMsadUserAccountControlMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MsadUserAccountControlMapperState, opts ...pulumi.ResourceOption) (*MsadUserAccountControlMapper, error)

GetMsadUserAccountControlMapper gets an existing MsadUserAccountControlMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMsadUserAccountControlMapper 

func NewMsadUserAccountControlMapper(ctx *pulumi.Context,
	name string, args *MsadUserAccountControlMapperArgs, opts ...pulumi.ResourceOption) (*MsadUserAccountControlMapper, error)

NewMsadUserAccountControlMapper registers a new resource with the given unique name, arguments, and options.

func (*MsadUserAccountControlMapper) ElementType added in v3.1.1 

func (*MsadUserAccountControlMapper) ElementType() reflect.Type

func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutput added in v3.1.1 

func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput

func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutputWithContext added in v3.1.1 

func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput

func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutput added in v3.4.1 

func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput

func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutputWithContext added in v3.4.1 

func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput

type MsadUserAccountControlMapperArgs 

type MsadUserAccountControlMapperArgs struct {
	// When `true`, advanced password policies, such as password hints and previous password history will be used when writing new passwords to AD. Defaults to `false`.
	LdapPasswordPolicyHintsEnabled pulumi.BoolPtrInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringInput
}

The set of arguments for constructing a MsadUserAccountControlMapper resource.

func (MsadUserAccountControlMapperArgs) ElementType 

func (MsadUserAccountControlMapperArgs) ElementType() reflect.Type

type MsadUserAccountControlMapperArray added in v3.4.1 

type MsadUserAccountControlMapperArray []MsadUserAccountControlMapperInput

func (MsadUserAccountControlMapperArray) ElementType added in v3.4.1 

func (MsadUserAccountControlMapperArray) ElementType() reflect.Type

func (MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutput added in v3.4.1 

func (i MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput

func (MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutputWithContext added in v3.4.1 

func (i MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadUserAccountControlMapperArrayOutput

type MsadUserAccountControlMapperArrayInput added in v3.4.1 

type MsadUserAccountControlMapperArrayInput interface {
	pulumi.Input

	ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput
	ToMsadUserAccountControlMapperArrayOutputWithContext(context.Context) MsadUserAccountControlMapperArrayOutput
}

MsadUserAccountControlMapperArrayInput is an input type that accepts MsadUserAccountControlMapperArray and MsadUserAccountControlMapperArrayOutput values. You can construct a concrete instance of `MsadUserAccountControlMapperArrayInput` via: 

MsadUserAccountControlMapperArray{ MsadUserAccountControlMapperArgs{...} }

type MsadUserAccountControlMapperArrayOutput added in v3.4.1 

type MsadUserAccountControlMapperArrayOutput struct{ *pulumi.OutputState }

func (MsadUserAccountControlMapperArrayOutput) ElementType added in v3.4.1 

func (MsadUserAccountControlMapperArrayOutput) ElementType() reflect.Type

func (MsadUserAccountControlMapperArrayOutput) Index added in v3.4.1 

func (o MsadUserAccountControlMapperArrayOutput) Index(i pulumi.IntInput) MsadUserAccountControlMapperOutput

func (MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutput added in v3.4.1 

func (o MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput

func (MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutputWithContext added in v3.4.1 

func (o MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadUserAccountControlMapperArrayOutput

type MsadUserAccountControlMapperInput added in v3.1.1 

type MsadUserAccountControlMapperInput interface {
	pulumi.Input

	ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput
	ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput
}

type MsadUserAccountControlMapperMap added in v3.4.1 

type MsadUserAccountControlMapperMap map[string]MsadUserAccountControlMapperInput

func (MsadUserAccountControlMapperMap) ElementType added in v3.4.1 

func (MsadUserAccountControlMapperMap) ElementType() reflect.Type

func (MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutput added in v3.4.1 

func (i MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput

func (MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutputWithContext added in v3.4.1 

func (i MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadUserAccountControlMapperMapOutput

type MsadUserAccountControlMapperMapInput added in v3.4.1 

type MsadUserAccountControlMapperMapInput interface {
	pulumi.Input

	ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput
	ToMsadUserAccountControlMapperMapOutputWithContext(context.Context) MsadUserAccountControlMapperMapOutput
}

MsadUserAccountControlMapperMapInput is an input type that accepts MsadUserAccountControlMapperMap and MsadUserAccountControlMapperMapOutput values. You can construct a concrete instance of `MsadUserAccountControlMapperMapInput` via: 

MsadUserAccountControlMapperMap{ "key": MsadUserAccountControlMapperArgs{...} }

type MsadUserAccountControlMapperMapOutput added in v3.4.1 

type MsadUserAccountControlMapperMapOutput struct{ *pulumi.OutputState }

func (MsadUserAccountControlMapperMapOutput) ElementType added in v3.4.1 

func (MsadUserAccountControlMapperMapOutput) ElementType() reflect.Type

func (MsadUserAccountControlMapperMapOutput) MapIndex added in v3.4.1 

func (o MsadUserAccountControlMapperMapOutput) MapIndex(k pulumi.StringInput) MsadUserAccountControlMapperOutput

func (MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutput added in v3.4.1 

func (o MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput

func (MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutputWithContext added in v3.4.1 

func (o MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadUserAccountControlMapperMapOutput

type MsadUserAccountControlMapperOutput added in v3.1.1 

type MsadUserAccountControlMapperOutput struct {
	*pulumi.OutputState
}

func (MsadUserAccountControlMapperOutput) ElementType added in v3.1.1 

func (MsadUserAccountControlMapperOutput) ElementType() reflect.Type

func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutput added in v3.1.1 

func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput

func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutputWithContext added in v3.1.1 

func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput

func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutput added in v3.4.1 

func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput

func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutputWithContext added in v3.4.1 

func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput

type MsadUserAccountControlMapperPtrInput added in v3.4.1 

type MsadUserAccountControlMapperPtrInput interface {
	pulumi.Input

	ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput
	ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput
}

type MsadUserAccountControlMapperPtrOutput added in v3.4.1 

type MsadUserAccountControlMapperPtrOutput struct {
	*pulumi.OutputState
}

func (MsadUserAccountControlMapperPtrOutput) ElementType added in v3.4.1 

func (MsadUserAccountControlMapperPtrOutput) ElementType() reflect.Type

func (MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutput added in v3.4.1 

func (o MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput

func (MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutputWithContext added in v3.4.1 

func (o MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput

type MsadUserAccountControlMapperState 

type MsadUserAccountControlMapperState struct {
	// When `true`, advanced password policies, such as password hints and previous password history will be used when writing new passwords to AD. Defaults to `false`.
	LdapPasswordPolicyHintsEnabled pulumi.BoolPtrInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringPtrInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringPtrInput
}

func (MsadUserAccountControlMapperState) ElementType 

func (MsadUserAccountControlMapperState) ElementType() reflect.Type

type RoleMapper 

type RoleMapper struct {
	pulumi.CustomResourceState

	ClientId    pulumi.StringPtrOutput `pulumi:"clientId"`
	LdapRolesDn pulumi.StringOutput    `pulumi:"ldapRolesDn"`
	// The ldap user federation provider to attach this mapper to.
	LdapUserFederationId        pulumi.StringOutput    `pulumi:"ldapUserFederationId"`
	MemberofLdapAttribute       pulumi.StringPtrOutput `pulumi:"memberofLdapAttribute"`
	MembershipAttributeType     pulumi.StringPtrOutput `pulumi:"membershipAttributeType"`
	MembershipLdapAttribute     pulumi.StringOutput    `pulumi:"membershipLdapAttribute"`
	MembershipUserLdapAttribute pulumi.StringOutput    `pulumi:"membershipUserLdapAttribute"`
	Mode                        pulumi.StringPtrOutput `pulumi:"mode"`
	// Display name of the mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// The realm in which the ldap user federation provider exists.
	RealmId                   pulumi.StringOutput      `pulumi:"realmId"`
	RoleNameLdapAttribute     pulumi.StringOutput      `pulumi:"roleNameLdapAttribute"`
	RoleObjectClasses         pulumi.StringArrayOutput `pulumi:"roleObjectClasses"`
	RolesLdapFilter           pulumi.StringPtrOutput   `pulumi:"rolesLdapFilter"`
	UseRealmRolesMapping      pulumi.BoolPtrOutput     `pulumi:"useRealmRolesMapping"`
	UserRolesRetrieveStrategy pulumi.StringPtrOutput   `pulumi:"userRolesRetrieveStrategy"`
}

func GetRoleMapper 

func GetRoleMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RoleMapperState, opts ...pulumi.ResourceOption) (*RoleMapper, error)

GetRoleMapper gets an existing RoleMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRoleMapper 

func NewRoleMapper(ctx *pulumi.Context,
	name string, args *RoleMapperArgs, opts ...pulumi.ResourceOption) (*RoleMapper, error)

NewRoleMapper registers a new resource with the given unique name, arguments, and options.

func (*RoleMapper) ElementType added in v3.1.1 

func (*RoleMapper) ElementType() reflect.Type

func (*RoleMapper) ToRoleMapperOutput added in v3.1.1 

func (i *RoleMapper) ToRoleMapperOutput() RoleMapperOutput

func (*RoleMapper) ToRoleMapperOutputWithContext added in v3.1.1 

func (i *RoleMapper) ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput

func (*RoleMapper) ToRoleMapperPtrOutput added in v3.4.1 

func (i *RoleMapper) ToRoleMapperPtrOutput() RoleMapperPtrOutput

func (*RoleMapper) ToRoleMapperPtrOutputWithContext added in v3.4.1 

func (i *RoleMapper) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput

type RoleMapperArgs 

type RoleMapperArgs struct {
	ClientId    pulumi.StringPtrInput
	LdapRolesDn pulumi.StringInput
	// The ldap user federation provider to attach this mapper to.
	LdapUserFederationId        pulumi.StringInput
	MemberofLdapAttribute       pulumi.StringPtrInput
	MembershipAttributeType     pulumi.StringPtrInput
	MembershipLdapAttribute     pulumi.StringInput
	MembershipUserLdapAttribute pulumi.StringInput
	Mode                        pulumi.StringPtrInput
	// Display name of the mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm in which the ldap user federation provider exists.
	RealmId                   pulumi.StringInput
	RoleNameLdapAttribute     pulumi.StringInput
	RoleObjectClasses         pulumi.StringArrayInput
	RolesLdapFilter           pulumi.StringPtrInput
	UseRealmRolesMapping      pulumi.BoolPtrInput
	UserRolesRetrieveStrategy pulumi.StringPtrInput
}

The set of arguments for constructing a RoleMapper resource.

func (RoleMapperArgs) ElementType 

func (RoleMapperArgs) ElementType() reflect.Type

type RoleMapperArray added in v3.4.1 

type RoleMapperArray []RoleMapperInput

func (RoleMapperArray) ElementType added in v3.4.1 

func (RoleMapperArray) ElementType() reflect.Type

func (RoleMapperArray) ToRoleMapperArrayOutput added in v3.4.1 

func (i RoleMapperArray) ToRoleMapperArrayOutput() RoleMapperArrayOutput

func (RoleMapperArray) ToRoleMapperArrayOutputWithContext added in v3.4.1 

func (i RoleMapperArray) ToRoleMapperArrayOutputWithContext(ctx context.Context) RoleMapperArrayOutput

type RoleMapperArrayInput added in v3.4.1 

type RoleMapperArrayInput interface {
	pulumi.Input

	ToRoleMapperArrayOutput() RoleMapperArrayOutput
	ToRoleMapperArrayOutputWithContext(context.Context) RoleMapperArrayOutput
}

RoleMapperArrayInput is an input type that accepts RoleMapperArray and RoleMapperArrayOutput values. You can construct a concrete instance of `RoleMapperArrayInput` via: 

RoleMapperArray{ RoleMapperArgs{...} }

type RoleMapperArrayOutput added in v3.4.1 

type RoleMapperArrayOutput struct{ *pulumi.OutputState }

func (RoleMapperArrayOutput) ElementType added in v3.4.1 

func (RoleMapperArrayOutput) ElementType() reflect.Type

func (RoleMapperArrayOutput) Index added in v3.4.1 

func (o RoleMapperArrayOutput) Index(i pulumi.IntInput) RoleMapperOutput

func (RoleMapperArrayOutput) ToRoleMapperArrayOutput added in v3.4.1 

func (o RoleMapperArrayOutput) ToRoleMapperArrayOutput() RoleMapperArrayOutput

func (RoleMapperArrayOutput) ToRoleMapperArrayOutputWithContext added in v3.4.1 

func (o RoleMapperArrayOutput) ToRoleMapperArrayOutputWithContext(ctx context.Context) RoleMapperArrayOutput

type RoleMapperInput added in v3.1.1 

type RoleMapperInput interface {
	pulumi.Input

	ToRoleMapperOutput() RoleMapperOutput
	ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput
}

type RoleMapperMap added in v3.4.1 

type RoleMapperMap map[string]RoleMapperInput

func (RoleMapperMap) ElementType added in v3.4.1 

func (RoleMapperMap) ElementType() reflect.Type

func (RoleMapperMap) ToRoleMapperMapOutput added in v3.4.1 

func (i RoleMapperMap) ToRoleMapperMapOutput() RoleMapperMapOutput

func (RoleMapperMap) ToRoleMapperMapOutputWithContext added in v3.4.1 

func (i RoleMapperMap) ToRoleMapperMapOutputWithContext(ctx context.Context) RoleMapperMapOutput

type RoleMapperMapInput added in v3.4.1 

type RoleMapperMapInput interface {
	pulumi.Input

	ToRoleMapperMapOutput() RoleMapperMapOutput
	ToRoleMapperMapOutputWithContext(context.Context) RoleMapperMapOutput
}

RoleMapperMapInput is an input type that accepts RoleMapperMap and RoleMapperMapOutput values. You can construct a concrete instance of `RoleMapperMapInput` via: 

RoleMapperMap{ "key": RoleMapperArgs{...} }

type RoleMapperMapOutput added in v3.4.1 

type RoleMapperMapOutput struct{ *pulumi.OutputState }

func (RoleMapperMapOutput) ElementType added in v3.4.1 

func (RoleMapperMapOutput) ElementType() reflect.Type

func (RoleMapperMapOutput) MapIndex added in v3.4.1 

func (o RoleMapperMapOutput) MapIndex(k pulumi.StringInput) RoleMapperOutput

func (RoleMapperMapOutput) ToRoleMapperMapOutput added in v3.4.1 

func (o RoleMapperMapOutput) ToRoleMapperMapOutput() RoleMapperMapOutput

func (RoleMapperMapOutput) ToRoleMapperMapOutputWithContext added in v3.4.1 

func (o RoleMapperMapOutput) ToRoleMapperMapOutputWithContext(ctx context.Context) RoleMapperMapOutput

type RoleMapperOutput added in v3.1.1 

type RoleMapperOutput struct {
	*pulumi.OutputState
}

func (RoleMapperOutput) ElementType added in v3.1.1 

func (RoleMapperOutput) ElementType() reflect.Type

func (RoleMapperOutput) ToRoleMapperOutput added in v3.1.1 

func (o RoleMapperOutput) ToRoleMapperOutput() RoleMapperOutput

func (RoleMapperOutput) ToRoleMapperOutputWithContext added in v3.1.1 

func (o RoleMapperOutput) ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput

func (RoleMapperOutput) ToRoleMapperPtrOutput added in v3.4.1 

func (o RoleMapperOutput) ToRoleMapperPtrOutput() RoleMapperPtrOutput

func (RoleMapperOutput) ToRoleMapperPtrOutputWithContext added in v3.4.1 

func (o RoleMapperOutput) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput

type RoleMapperPtrInput added in v3.4.1 

type RoleMapperPtrInput interface {
	pulumi.Input

	ToRoleMapperPtrOutput() RoleMapperPtrOutput
	ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput
}

type RoleMapperPtrOutput added in v3.4.1 

type RoleMapperPtrOutput struct {
	*pulumi.OutputState
}

func (RoleMapperPtrOutput) ElementType added in v3.4.1 

func (RoleMapperPtrOutput) ElementType() reflect.Type

func (RoleMapperPtrOutput) ToRoleMapperPtrOutput added in v3.4.1 

func (o RoleMapperPtrOutput) ToRoleMapperPtrOutput() RoleMapperPtrOutput

func (RoleMapperPtrOutput) ToRoleMapperPtrOutputWithContext added in v3.4.1 

func (o RoleMapperPtrOutput) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput

type RoleMapperState 

type RoleMapperState struct {
	ClientId    pulumi.StringPtrInput
	LdapRolesDn pulumi.StringPtrInput
	// The ldap user federation provider to attach this mapper to.
	LdapUserFederationId        pulumi.StringPtrInput
	MemberofLdapAttribute       pulumi.StringPtrInput
	MembershipAttributeType     pulumi.StringPtrInput
	MembershipLdapAttribute     pulumi.StringPtrInput
	MembershipUserLdapAttribute pulumi.StringPtrInput
	Mode                        pulumi.StringPtrInput
	// Display name of the mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// The realm in which the ldap user federation provider exists.
	RealmId                   pulumi.StringPtrInput
	RoleNameLdapAttribute     pulumi.StringPtrInput
	RoleObjectClasses         pulumi.StringArrayInput
	RolesLdapFilter           pulumi.StringPtrInput
	UseRealmRolesMapping      pulumi.BoolPtrInput
	UserRolesRetrieveStrategy pulumi.StringPtrInput
}

func (RoleMapperState) ElementType 

func (RoleMapperState) ElementType() reflect.Type

type UserAttributeMapper 

type UserAttributeMapper struct {
	pulumi.CustomResourceState

	// When `true`, the value fetched from LDAP will override the value stored in Keycloak. Defaults to `false`.
	AlwaysReadValueFromLdap pulumi.BoolPtrOutput `pulumi:"alwaysReadValueFromLdap"`
	// When `true`, this attribute must exist in LDAP. Defaults to `false`.
	IsMandatoryInLdap pulumi.BoolPtrOutput `pulumi:"isMandatoryInLdap"`
	// Name of the mapped attribute on the LDAP object.
	LdapAttribute pulumi.StringOutput `pulumi:"ldapAttribute"`
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"`
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// When `true`, this attribute is not saved back to LDAP when the user attribute is updated in Keycloak. Defaults to `false`.
	ReadOnly pulumi.BoolPtrOutput `pulumi:"readOnly"`
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
	// Name of the user property or attribute you want to map the LDAP attribute into.
	UserModelAttribute pulumi.StringOutput `pulumi:"userModelAttribute"`
}

Allows for creating and managing user attribute mappers for Keycloak users federated via LDAP.

The LDAP user attribute mapper can be used to map a single LDAP attribute to an attribute on the Keycloak user model.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("entryDN"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("simpleSecurityObject"),
				pulumi.String("organizationalRole"),
			},
			ConnectionUrl:  pulumi.String("ldap://openldap"),
			UsersDn:        pulumi.String("dc=example,dc=org"),
			BindDn:         pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential: pulumi.String("admin"),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewUserAttributeMapper(ctx, "ldapUserAttributeMapper", &ldap.UserAttributeMapperArgs{
			RealmId:              realm.ID(),
			LdapUserFederationId: ldapUserFederation.ID(),
			UserModelAttribute:   pulumi.String("foo"),
			LdapAttribute:        pulumi.String("bar"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash

```sh 

$ pulumi import keycloak:ldap/userAttributeMapper:UserAttributeMapper ldap_user_attribute_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67

```

func GetUserAttributeMapper 

func GetUserAttributeMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserAttributeMapperState, opts ...pulumi.ResourceOption) (*UserAttributeMapper, error)

GetUserAttributeMapper gets an existing UserAttributeMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserAttributeMapper 

func NewUserAttributeMapper(ctx *pulumi.Context,
	name string, args *UserAttributeMapperArgs, opts ...pulumi.ResourceOption) (*UserAttributeMapper, error)

NewUserAttributeMapper registers a new resource with the given unique name, arguments, and options.

func (*UserAttributeMapper) ElementType added in v3.1.1 

func (*UserAttributeMapper) ElementType() reflect.Type

func (*UserAttributeMapper) ToUserAttributeMapperOutput added in v3.1.1 

func (i *UserAttributeMapper) ToUserAttributeMapperOutput() UserAttributeMapperOutput

func (*UserAttributeMapper) ToUserAttributeMapperOutputWithContext added in v3.1.1 

func (i *UserAttributeMapper) ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput

func (*UserAttributeMapper) ToUserAttributeMapperPtrOutput added in v3.4.1 

func (i *UserAttributeMapper) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput

func (*UserAttributeMapper) ToUserAttributeMapperPtrOutputWithContext added in v3.4.1 

func (i *UserAttributeMapper) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput

type UserAttributeMapperArgs 

type UserAttributeMapperArgs struct {
	// When `true`, the value fetched from LDAP will override the value stored in Keycloak. Defaults to `false`.
	AlwaysReadValueFromLdap pulumi.BoolPtrInput
	// When `true`, this attribute must exist in LDAP. Defaults to `false`.
	IsMandatoryInLdap pulumi.BoolPtrInput
	// Name of the mapped attribute on the LDAP object.
	LdapAttribute pulumi.StringInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// When `true`, this attribute is not saved back to LDAP when the user attribute is updated in Keycloak. Defaults to `false`.
	ReadOnly pulumi.BoolPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringInput
	// Name of the user property or attribute you want to map the LDAP attribute into.
	UserModelAttribute pulumi.StringInput
}

The set of arguments for constructing a UserAttributeMapper resource.

func (UserAttributeMapperArgs) ElementType 

func (UserAttributeMapperArgs) ElementType() reflect.Type

type UserAttributeMapperArray added in v3.4.1 

type UserAttributeMapperArray []UserAttributeMapperInput

func (UserAttributeMapperArray) ElementType added in v3.4.1 

func (UserAttributeMapperArray) ElementType() reflect.Type

func (UserAttributeMapperArray) ToUserAttributeMapperArrayOutput added in v3.4.1 

func (i UserAttributeMapperArray) ToUserAttributeMapperArrayOutput() UserAttributeMapperArrayOutput

func (UserAttributeMapperArray) ToUserAttributeMapperArrayOutputWithContext added in v3.4.1 

func (i UserAttributeMapperArray) ToUserAttributeMapperArrayOutputWithContext(ctx context.Context) UserAttributeMapperArrayOutput

type UserAttributeMapperArrayInput added in v3.4.1 

type UserAttributeMapperArrayInput interface {
	pulumi.Input

	ToUserAttributeMapperArrayOutput() UserAttributeMapperArrayOutput
	ToUserAttributeMapperArrayOutputWithContext(context.Context) UserAttributeMapperArrayOutput
}

UserAttributeMapperArrayInput is an input type that accepts UserAttributeMapperArray and UserAttributeMapperArrayOutput values. You can construct a concrete instance of `UserAttributeMapperArrayInput` via: 

UserAttributeMapperArray{ UserAttributeMapperArgs{...} }

type UserAttributeMapperArrayOutput added in v3.4.1 

type UserAttributeMapperArrayOutput struct{ *pulumi.OutputState }

func (UserAttributeMapperArrayOutput) ElementType added in v3.4.1 

func (UserAttributeMapperArrayOutput) ElementType() reflect.Type

func (UserAttributeMapperArrayOutput) Index added in v3.4.1 

func (o UserAttributeMapperArrayOutput) Index(i pulumi.IntInput) UserAttributeMapperOutput

func (UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutput added in v3.4.1 

func (o UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutput() UserAttributeMapperArrayOutput

func (UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutputWithContext added in v3.4.1 

func (o UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutputWithContext(ctx context.Context) UserAttributeMapperArrayOutput

type UserAttributeMapperInput added in v3.1.1 

type UserAttributeMapperInput interface {
	pulumi.Input

	ToUserAttributeMapperOutput() UserAttributeMapperOutput
	ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput
}

type UserAttributeMapperMap added in v3.4.1 

type UserAttributeMapperMap map[string]UserAttributeMapperInput

func (UserAttributeMapperMap) ElementType added in v3.4.1 

func (UserAttributeMapperMap) ElementType() reflect.Type

func (UserAttributeMapperMap) ToUserAttributeMapperMapOutput added in v3.4.1 

func (i UserAttributeMapperMap) ToUserAttributeMapperMapOutput() UserAttributeMapperMapOutput

func (UserAttributeMapperMap) ToUserAttributeMapperMapOutputWithContext added in v3.4.1 

func (i UserAttributeMapperMap) ToUserAttributeMapperMapOutputWithContext(ctx context.Context) UserAttributeMapperMapOutput

type UserAttributeMapperMapInput added in v3.4.1 

type UserAttributeMapperMapInput interface {
	pulumi.Input

	ToUserAttributeMapperMapOutput() UserAttributeMapperMapOutput
	ToUserAttributeMapperMapOutputWithContext(context.Context) UserAttributeMapperMapOutput
}

UserAttributeMapperMapInput is an input type that accepts UserAttributeMapperMap and UserAttributeMapperMapOutput values. You can construct a concrete instance of `UserAttributeMapperMapInput` via: 

UserAttributeMapperMap{ "key": UserAttributeMapperArgs{...} }

type UserAttributeMapperMapOutput added in v3.4.1 

type UserAttributeMapperMapOutput struct{ *pulumi.OutputState }

func (UserAttributeMapperMapOutput) ElementType added in v3.4.1 

func (UserAttributeMapperMapOutput) ElementType() reflect.Type

func (UserAttributeMapperMapOutput) MapIndex added in v3.4.1 

func (o UserAttributeMapperMapOutput) MapIndex(k pulumi.StringInput) UserAttributeMapperOutput

func (UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutput added in v3.4.1 

func (o UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutput() UserAttributeMapperMapOutput

func (UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutputWithContext added in v3.4.1 

func (o UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutputWithContext(ctx context.Context) UserAttributeMapperMapOutput

type UserAttributeMapperOutput added in v3.1.1 

type UserAttributeMapperOutput struct {
	*pulumi.OutputState
}

func (UserAttributeMapperOutput) ElementType added in v3.1.1 

func (UserAttributeMapperOutput) ElementType() reflect.Type

func (UserAttributeMapperOutput) ToUserAttributeMapperOutput added in v3.1.1 

func (o UserAttributeMapperOutput) ToUserAttributeMapperOutput() UserAttributeMapperOutput

func (UserAttributeMapperOutput) ToUserAttributeMapperOutputWithContext added in v3.1.1 

func (o UserAttributeMapperOutput) ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput

func (UserAttributeMapperOutput) ToUserAttributeMapperPtrOutput added in v3.4.1 

func (o UserAttributeMapperOutput) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput

func (UserAttributeMapperOutput) ToUserAttributeMapperPtrOutputWithContext added in v3.4.1 

func (o UserAttributeMapperOutput) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput

type UserAttributeMapperPtrInput added in v3.4.1 

type UserAttributeMapperPtrInput interface {
	pulumi.Input

	ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput
	ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput
}

type UserAttributeMapperPtrOutput added in v3.4.1 

type UserAttributeMapperPtrOutput struct {
	*pulumi.OutputState
}

func (UserAttributeMapperPtrOutput) ElementType added in v3.4.1 

func (UserAttributeMapperPtrOutput) ElementType() reflect.Type

func (UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutput added in v3.4.1 

func (o UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput

func (UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutputWithContext added in v3.4.1 

func (o UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput

type UserAttributeMapperState 

type UserAttributeMapperState struct {
	// When `true`, the value fetched from LDAP will override the value stored in Keycloak. Defaults to `false`.
	AlwaysReadValueFromLdap pulumi.BoolPtrInput
	// When `true`, this attribute must exist in LDAP. Defaults to `false`.
	IsMandatoryInLdap pulumi.BoolPtrInput
	// Name of the mapped attribute on the LDAP object.
	LdapAttribute pulumi.StringPtrInput
	// The ID of the LDAP user federation provider to attach this mapper to.
	LdapUserFederationId pulumi.StringPtrInput
	// Display name of this mapper when displayed in the console.
	Name pulumi.StringPtrInput
	// When `true`, this attribute is not saved back to LDAP when the user attribute is updated in Keycloak. Defaults to `false`.
	ReadOnly pulumi.BoolPtrInput
	// The realm that this LDAP mapper will exist in.
	RealmId pulumi.StringPtrInput
	// Name of the user property or attribute you want to map the LDAP attribute into.
	UserModelAttribute pulumi.StringPtrInput
}

func (UserAttributeMapperState) ElementType 

func (UserAttributeMapperState) ElementType() reflect.Type

type UserFederation 

type UserFederation struct {
	pulumi.CustomResourceState

	// The number of users to sync within a single transaction. Defaults to `1000`.
	BatchSizeForSync pulumi.IntPtrOutput `pulumi:"batchSizeForSync"`
	// Password of LDAP admin. This attribute must be set if `bindDn` is set.
	BindCredential pulumi.StringPtrOutput `pulumi:"bindCredential"`
	// DN of LDAP admin, which will be used by Keycloak to access LDAP server. This attribute must be set if `bindCredential` is set.
	BindDn pulumi.StringPtrOutput `pulumi:"bindDn"`
	// A block containing the cache settings.
	Cache UserFederationCachePtrOutput `pulumi:"cache"`
	// **Deprecated** Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.
	//
	// Deprecated: use cache.policy instead
	CachePolicy pulumi.StringPtrOutput `pulumi:"cachePolicy"`
	// How frequently Keycloak should sync changed LDAP users, in seconds. Omit this property to disable periodic changed users sync.
	ChangedSyncPeriod pulumi.IntPtrOutput `pulumi:"changedSyncPeriod"`
	// LDAP connection timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String).
	ConnectionTimeout pulumi.StringPtrOutput `pulumi:"connectionTimeout"`
	// Connection URL to the LDAP server.
	ConnectionUrl pulumi.StringOutput `pulumi:"connectionUrl"`
	// Additional LDAP filter for filtering searched users. Must begin with `(` and end with `)`.
	CustomUserSearchFilter pulumi.StringPtrOutput `pulumi:"customUserSearchFilter"`
	// Can be one of `READ_ONLY`, `WRITABLE`, or `UNSYNCED`. `UNSYNCED` allows user data to be imported but not synced back to LDAP. Defaults to `READ_ONLY`.
	EditMode pulumi.StringPtrOutput `pulumi:"editMode"`
	// When `false`, this provider will not be used when performing queries for users. Defaults to `true`.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// How frequently Keycloak should sync all LDAP users, in seconds. Omit this property to disable periodic full sync.
	FullSyncPeriod pulumi.IntPtrOutput `pulumi:"fullSyncPeriod"`
	// When `true`, LDAP users will be imported into the Keycloak database. Defaults to `true`.
	ImportEnabled pulumi.BoolPtrOutput `pulumi:"importEnabled"`
	// A block containing the kerberos settings.
	Kerberos UserFederationKerberosPtrOutput `pulumi:"kerberos"`
	// Display name of the provider when displayed in the console.
	Name pulumi.StringOutput `pulumi:"name"`
	// When true, Keycloak assumes the LDAP server supports pagination. Defaults to `true`.
	Pagination pulumi.BoolPtrOutput `pulumi:"pagination"`
	// Priority of this provider when looking up users. Lower values are first. Defaults to `0`.
	Priority pulumi.IntPtrOutput `pulumi:"priority"`
	// Name of the LDAP attribute to use as the relative distinguished name.
	RdnLdapAttribute pulumi.StringOutput `pulumi:"rdnLdapAttribute"`
	// LDAP read timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String).
	ReadTimeout pulumi.StringPtrOutput `pulumi:"readTimeout"`
	// The realm that this provider will provide user federation for.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
	// Can be one of `ONE_LEVEL` or `SUBTREE`:
	// - `ONE_LEVEL`: Only search for users in the DN specified by `userDn`.
	// - `SUBTREE`: Search entire LDAP subtree.
	SearchScope pulumi.StringPtrOutput `pulumi:"searchScope"`
	// When `true`, newly created users will be synced back to LDAP. Defaults to `false`.
	SyncRegistrations pulumi.BoolPtrOutput `pulumi:"syncRegistrations"`
	// Can be one of `ALWAYS`, `ONLY_FOR_LDAPS`, or `NEVER`:
	UseTruststoreSpi pulumi.StringPtrOutput `pulumi:"useTruststoreSpi"`
	// Array of all values of LDAP objectClass attribute for users in LDAP. Must contain at least one.
	UserObjectClasses pulumi.StringArrayOutput `pulumi:"userObjectClasses"`
	// Name of the LDAP attribute to use as the Keycloak username.
	UsernameLdapAttribute pulumi.StringOutput `pulumi:"usernameLdapAttribute"`
	// Full DN of LDAP tree where your users are.
	UsersDn pulumi.StringOutput `pulumi:"usersDn"`
	// Name of the LDAP attribute to use as a unique object identifier for objects in LDAP.
	UuidLdapAttribute pulumi.StringOutput `pulumi:"uuidLdapAttribute"`
	// When `true`, Keycloak will validate passwords using the realm policy before updating it.
	ValidatePasswordPolicy pulumi.BoolPtrOutput `pulumi:"validatePasswordPolicy"`
	// Can be one of `OTHER`, `EDIRECTORY`, `AD`, `RHDS`, or `TIVOLI`. When this is selected in the GUI, it provides reasonable defaults for other fields. When used with the Keycloak API, this attribute does nothing, but is still required. Defaults to `OTHER`.
	Vendor pulumi.StringPtrOutput `pulumi:"vendor"`
}

Allows for creating and managing LDAP user federation providers within Keycloak.

Keycloak can use an LDAP user federation provider to federate users to Keycloak from a directory system such as LDAP or Active Directory. Federated users will exist within the realm and will be able to log in to clients. Federated users can have their attributes defined using mappers.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{
			RealmId:               realm.ID(),
			Enabled:               pulumi.Bool(true),
			UsernameLdapAttribute: pulumi.String("cn"),
			RdnLdapAttribute:      pulumi.String("cn"),
			UuidLdapAttribute:     pulumi.String("entryDN"),
			UserObjectClasses: pulumi.StringArray{
				pulumi.String("simpleSecurityObject"),
				pulumi.String("organizationalRole"),
			},
			ConnectionUrl:     pulumi.String("ldap://openldap"),
			UsersDn:           pulumi.String("dc=example,dc=org"),
			BindDn:            pulumi.String("cn=admin,dc=example,dc=org"),
			BindCredential:    pulumi.String("admin"),
			ConnectionTimeout: pulumi.String("5s"),
			ReadTimeout:       pulumi.String("10s"),
			Kerberos: &ldap.UserFederationKerberosArgs{
				KerberosRealm:   pulumi.String("FOO.LOCAL"),
				ServerPrincipal: pulumi.String("HTTP/host.foo.com@FOO.LOCAL"),
				Keytab:          pulumi.String("/etc/host.keytab"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

LDAP user federation providers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}`. The ID of the LDAP user federation provider can be found within the Keycloak GUI and is typically a GUIDbash

```sh 

$ pulumi import keycloak:ldap/userFederation:UserFederation ldap_user_federation my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860

```

func GetUserFederation 

func GetUserFederation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserFederationState, opts ...pulumi.ResourceOption) (*UserFederation, error)

GetUserFederation gets an existing UserFederation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserFederation 

func NewUserFederation(ctx *pulumi.Context,
	name string, args *UserFederationArgs, opts ...pulumi.ResourceOption) (*UserFederation, error)

NewUserFederation registers a new resource with the given unique name, arguments, and options.

func (*UserFederation) ElementType added in v3.1.1 

func (*UserFederation) ElementType() reflect.Type

func (*UserFederation) ToUserFederationOutput added in v3.1.1 

func (i *UserFederation) ToUserFederationOutput() UserFederationOutput

func (*UserFederation) ToUserFederationOutputWithContext added in v3.1.1 

func (i *UserFederation) ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput

func (*UserFederation) ToUserFederationPtrOutput added in v3.4.1 

func (i *UserFederation) ToUserFederationPtrOutput() UserFederationPtrOutput

func (*UserFederation) ToUserFederationPtrOutputWithContext added in v3.4.1 

func (i *UserFederation) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput

type UserFederationArgs 

type UserFederationArgs struct {
	// The number of users to sync within a single transaction. Defaults to `1000`.
	BatchSizeForSync pulumi.IntPtrInput
	// Password of LDAP admin. This attribute must be set if `bindDn` is set.
	BindCredential pulumi.StringPtrInput
	// DN of LDAP admin, which will be used by Keycloak to access LDAP server. This attribute must be set if `bindCredential` is set.
	BindDn pulumi.StringPtrInput
	// A block containing the cache settings.
	Cache UserFederationCachePtrInput
	// **Deprecated** Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.
	//
	// Deprecated: use cache.policy instead
	CachePolicy pulumi.StringPtrInput
	// How frequently Keycloak should sync changed LDAP users, in seconds. Omit this property to disable periodic changed users sync.
	ChangedSyncPeriod pulumi.IntPtrInput
	// LDAP connection timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String).
	ConnectionTimeout pulumi.StringPtrInput
	// Connection URL to the LDAP server.
	ConnectionUrl pulumi.StringInput
	// Additional LDAP filter for filtering searched users. Must begin with `(` and end with `)`.
	CustomUserSearchFilter pulumi.StringPtrInput
	// Can be one of `READ_ONLY`, `WRITABLE`, or `UNSYNCED`. `UNSYNCED` allows user data to be imported but not synced back to LDAP. Defaults to `READ_ONLY`.
	EditMode pulumi.StringPtrInput
	// When `false`, this provider will not be used when performing queries for users. Defaults to `true`.
	Enabled pulumi.BoolPtrInput
	// How frequently Keycloak should sync all LDAP users, in seconds. Omit this property to disable periodic full sync.
	FullSyncPeriod pulumi.IntPtrInput
	// When `true`, LDAP users will be imported into the Keycloak database. Defaults to `true`.
	ImportEnabled pulumi.BoolPtrInput
	// A block containing the kerberos settings.
	Kerberos UserFederationKerberosPtrInput
	// Display name of the provider when displayed in the console.
	Name pulumi.StringPtrInput
	// When true, Keycloak assumes the LDAP server supports pagination. Defaults to `true`.
	Pagination pulumi.BoolPtrInput
	// Priority of this provider when looking up users. Lower values are first. Defaults to `0`.
	Priority pulumi.IntPtrInput
	// Name of the LDAP attribute to use as the relative distinguished name.
	RdnLdapAttribute pulumi.StringInput
	// LDAP read timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String).
	ReadTimeout pulumi.StringPtrInput
	// The realm that this provider will provide user federation for.
	RealmId pulumi.StringInput
	// Can be one of `ONE_LEVEL` or `SUBTREE`:
	// - `ONE_LEVEL`: Only search for users in the DN specified by `userDn`.
	// - `SUBTREE`: Search entire LDAP subtree.
	SearchScope pulumi.StringPtrInput
	// When `true`, newly created users will be synced back to LDAP. Defaults to `false`.
	SyncRegistrations pulumi.BoolPtrInput
	// Can be one of `ALWAYS`, `ONLY_FOR_LDAPS`, or `NEVER`:
	UseTruststoreSpi pulumi.StringPtrInput
	// Array of all values of LDAP objectClass attribute for users in LDAP. Must contain at least one.
	UserObjectClasses pulumi.StringArrayInput
	// Name of the LDAP attribute to use as the Keycloak username.
	UsernameLdapAttribute pulumi.StringInput
	// Full DN of LDAP tree where your users are.
	UsersDn pulumi.StringInput
	// Name of the LDAP attribute to use as a unique object identifier for objects in LDAP.
	UuidLdapAttribute pulumi.StringInput
	// When `true`, Keycloak will validate passwords using the realm policy before updating it.
	ValidatePasswordPolicy pulumi.BoolPtrInput
	// Can be one of `OTHER`, `EDIRECTORY`, `AD`, `RHDS`, or `TIVOLI`. When this is selected in the GUI, it provides reasonable defaults for other fields. When used with the Keycloak API, this attribute does nothing, but is still required. Defaults to `OTHER`.
	Vendor pulumi.StringPtrInput
}

The set of arguments for constructing a UserFederation resource.

func (UserFederationArgs) ElementType 

func (UserFederationArgs) ElementType() reflect.Type

type UserFederationArray added in v3.4.1 

type UserFederationArray []UserFederationInput

func (UserFederationArray) ElementType added in v3.4.1 

func (UserFederationArray) ElementType() reflect.Type

func (UserFederationArray) ToUserFederationArrayOutput added in v3.4.1 

func (i UserFederationArray) ToUserFederationArrayOutput() UserFederationArrayOutput

func (UserFederationArray) ToUserFederationArrayOutputWithContext added in v3.4.1 

func (i UserFederationArray) ToUserFederationArrayOutputWithContext(ctx context.Context) UserFederationArrayOutput

type UserFederationArrayInput added in v3.4.1 

type UserFederationArrayInput interface {
	pulumi.Input

	ToUserFederationArrayOutput() UserFederationArrayOutput
	ToUserFederationArrayOutputWithContext(context.Context) UserFederationArrayOutput
}

UserFederationArrayInput is an input type that accepts UserFederationArray and UserFederationArrayOutput values. You can construct a concrete instance of `UserFederationArrayInput` via: 

UserFederationArray{ UserFederationArgs{...} }

type UserFederationArrayOutput added in v3.4.1 

type UserFederationArrayOutput struct{ *pulumi.OutputState }

func (UserFederationArrayOutput) ElementType added in v3.4.1 

func (UserFederationArrayOutput) ElementType() reflect.Type

func (UserFederationArrayOutput) Index added in v3.4.1 

func (o UserFederationArrayOutput) Index(i pulumi.IntInput) UserFederationOutput

func (UserFederationArrayOutput) ToUserFederationArrayOutput added in v3.4.1 

func (o UserFederationArrayOutput) ToUserFederationArrayOutput() UserFederationArrayOutput

func (UserFederationArrayOutput) ToUserFederationArrayOutputWithContext added in v3.4.1 

func (o UserFederationArrayOutput) ToUserFederationArrayOutputWithContext(ctx context.Context) UserFederationArrayOutput

type UserFederationCache 

type UserFederationCache struct {
	// Minute of day the entry will become invalid on.
	EvictionDay *int `pulumi:"evictionDay"`
	// Hour of day the entry will become invalid on.
	EvictionHour   *int `pulumi:"evictionHour"`
	EvictionMinute *int `pulumi:"evictionMinute"`
	// Max lifespan of cache entry (duration string).
	MaxLifespan *string `pulumi:"maxLifespan"`
	// Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.
	Policy *string `pulumi:"policy"`
}

type UserFederationCacheArgs 

type UserFederationCacheArgs struct {
	// Minute of day the entry will become invalid on.
	EvictionDay pulumi.IntPtrInput `pulumi:"evictionDay"`
	// Hour of day the entry will become invalid on.
	EvictionHour   pulumi.IntPtrInput `pulumi:"evictionHour"`
	EvictionMinute pulumi.IntPtrInput `pulumi:"evictionMinute"`
	// Max lifespan of cache entry (duration string).
	MaxLifespan pulumi.StringPtrInput `pulumi:"maxLifespan"`
	// Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.
	Policy pulumi.StringPtrInput `pulumi:"policy"`
}

func (UserFederationCacheArgs) ElementType 

func (UserFederationCacheArgs) ElementType() reflect.Type

func (UserFederationCacheArgs) ToUserFederationCacheOutput 

func (i UserFederationCacheArgs) ToUserFederationCacheOutput() UserFederationCacheOutput

func (UserFederationCacheArgs) ToUserFederationCacheOutputWithContext 

func (i UserFederationCacheArgs) ToUserFederationCacheOutputWithContext(ctx context.Context) UserFederationCacheOutput

func (UserFederationCacheArgs) ToUserFederationCachePtrOutput 

func (i UserFederationCacheArgs) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput

func (UserFederationCacheArgs) ToUserFederationCachePtrOutputWithContext 

func (i UserFederationCacheArgs) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput

type UserFederationCacheInput 

type UserFederationCacheInput interface {
	pulumi.Input

	ToUserFederationCacheOutput() UserFederationCacheOutput
	ToUserFederationCacheOutputWithContext(context.Context) UserFederationCacheOutput
}

UserFederationCacheInput is an input type that accepts UserFederationCacheArgs and UserFederationCacheOutput values. You can construct a concrete instance of `UserFederationCacheInput` via: 

UserFederationCacheArgs{...}

type UserFederationCacheOutput 

type UserFederationCacheOutput struct{ *pulumi.OutputState }

func (UserFederationCacheOutput) ElementType 

func (UserFederationCacheOutput) ElementType() reflect.Type

func (UserFederationCacheOutput) EvictionDay 

func (o UserFederationCacheOutput) EvictionDay() pulumi.IntPtrOutput

Minute of day the entry will become invalid on.

func (UserFederationCacheOutput) EvictionHour 

func (o UserFederationCacheOutput) EvictionHour() pulumi.IntPtrOutput

Hour of day the entry will become invalid on.

func (UserFederationCacheOutput) EvictionMinute 

func (o UserFederationCacheOutput) EvictionMinute() pulumi.IntPtrOutput

func (UserFederationCacheOutput) MaxLifespan 

func (o UserFederationCacheOutput) MaxLifespan() pulumi.StringPtrOutput

Max lifespan of cache entry (duration string).

func (UserFederationCacheOutput) Policy 

func (o UserFederationCacheOutput) Policy() pulumi.StringPtrOutput

Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.

func (UserFederationCacheOutput) ToUserFederationCacheOutput 

func (o UserFederationCacheOutput) ToUserFederationCacheOutput() UserFederationCacheOutput

func (UserFederationCacheOutput) ToUserFederationCacheOutputWithContext 

func (o UserFederationCacheOutput) ToUserFederationCacheOutputWithContext(ctx context.Context) UserFederationCacheOutput

func (UserFederationCacheOutput) ToUserFederationCachePtrOutput 

func (o UserFederationCacheOutput) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput

func (UserFederationCacheOutput) ToUserFederationCachePtrOutputWithContext 

func (o UserFederationCacheOutput) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput

type UserFederationCachePtrInput 

type UserFederationCachePtrInput interface {
	pulumi.Input

	ToUserFederationCachePtrOutput() UserFederationCachePtrOutput
	ToUserFederationCachePtrOutputWithContext(context.Context) UserFederationCachePtrOutput
}

UserFederationCachePtrInput is an input type that accepts UserFederationCacheArgs, UserFederationCachePtr and UserFederationCachePtrOutput values. You can construct a concrete instance of `UserFederationCachePtrInput` via: 

        UserFederationCacheArgs{...}

or:

        nil

func UserFederationCachePtr 

func UserFederationCachePtr(v *UserFederationCacheArgs) UserFederationCachePtrInput

type UserFederationCachePtrOutput 

type UserFederationCachePtrOutput struct{ *pulumi.OutputState }

func (UserFederationCachePtrOutput) Elem 

func (o UserFederationCachePtrOutput) Elem() UserFederationCacheOutput

func (UserFederationCachePtrOutput) ElementType 

func (UserFederationCachePtrOutput) ElementType() reflect.Type

func (UserFederationCachePtrOutput) EvictionDay 

func (o UserFederationCachePtrOutput) EvictionDay() pulumi.IntPtrOutput

Minute of day the entry will become invalid on.

func (UserFederationCachePtrOutput) EvictionHour 

func (o UserFederationCachePtrOutput) EvictionHour() pulumi.IntPtrOutput

Hour of day the entry will become invalid on.

func (UserFederationCachePtrOutput) EvictionMinute 

func (o UserFederationCachePtrOutput) EvictionMinute() pulumi.IntPtrOutput

func (UserFederationCachePtrOutput) MaxLifespan 

func (o UserFederationCachePtrOutput) MaxLifespan() pulumi.StringPtrOutput

Max lifespan of cache entry (duration string).

func (UserFederationCachePtrOutput) Policy 

func (o UserFederationCachePtrOutput) Policy() pulumi.StringPtrOutput

Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.

func (UserFederationCachePtrOutput) ToUserFederationCachePtrOutput 

func (o UserFederationCachePtrOutput) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput

func (UserFederationCachePtrOutput) ToUserFederationCachePtrOutputWithContext 

func (o UserFederationCachePtrOutput) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput

type UserFederationInput added in v3.1.1 

type UserFederationInput interface {
	pulumi.Input

	ToUserFederationOutput() UserFederationOutput
	ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput
}

type UserFederationKerberos 

type UserFederationKerberos struct {
	// The name of the kerberos realm, e.g. FOO.LOCAL.
	KerberosRealm string `pulumi:"kerberosRealm"`
	// Path to the kerberos keytab file on the server with credentials of the service principal.
	KeyTab string `pulumi:"keyTab"`
	// The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'.
	ServerPrincipal string `pulumi:"serverPrincipal"`
	// Use kerberos login module instead of ldap service api. Defaults to `false`.
	UseKerberosForPasswordAuthentication *bool `pulumi:"useKerberosForPasswordAuthentication"`
}

type UserFederationKerberosArgs 

type UserFederationKerberosArgs struct {
	// The name of the kerberos realm, e.g. FOO.LOCAL.
	KerberosRealm pulumi.StringInput `pulumi:"kerberosRealm"`
	// Path to the kerberos keytab file on the server with credentials of the service principal.
	KeyTab pulumi.StringInput `pulumi:"keyTab"`
	// The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'.
	ServerPrincipal pulumi.StringInput `pulumi:"serverPrincipal"`
	// Use kerberos login module instead of ldap service api. Defaults to `false`.
	UseKerberosForPasswordAuthentication pulumi.BoolPtrInput `pulumi:"useKerberosForPasswordAuthentication"`
}

func (UserFederationKerberosArgs) ElementType 

func (UserFederationKerberosArgs) ElementType() reflect.Type

func (UserFederationKerberosArgs) ToUserFederationKerberosOutput 

func (i UserFederationKerberosArgs) ToUserFederationKerberosOutput() UserFederationKerberosOutput

func (UserFederationKerberosArgs) ToUserFederationKerberosOutputWithContext 

func (i UserFederationKerberosArgs) ToUserFederationKerberosOutputWithContext(ctx context.Context) UserFederationKerberosOutput

func (UserFederationKerberosArgs) ToUserFederationKerberosPtrOutput 

func (i UserFederationKerberosArgs) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput

func (UserFederationKerberosArgs) ToUserFederationKerberosPtrOutputWithContext 

func (i UserFederationKerberosArgs) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput

type UserFederationKerberosInput 

type UserFederationKerberosInput interface {
	pulumi.Input

	ToUserFederationKerberosOutput() UserFederationKerberosOutput
	ToUserFederationKerberosOutputWithContext(context.Context) UserFederationKerberosOutput
}

UserFederationKerberosInput is an input type that accepts UserFederationKerberosArgs and UserFederationKerberosOutput values. You can construct a concrete instance of `UserFederationKerberosInput` via: 

UserFederationKerberosArgs{...}

type UserFederationKerberosOutput 

type UserFederationKerberosOutput struct{ *pulumi.OutputState }

func (UserFederationKerberosOutput) ElementType 

func (UserFederationKerberosOutput) ElementType() reflect.Type

func (UserFederationKerberosOutput) KerberosRealm 

func (o UserFederationKerberosOutput) KerberosRealm() pulumi.StringOutput

The name of the kerberos realm, e.g. FOO.LOCAL.

func (UserFederationKerberosOutput) KeyTab 

func (o UserFederationKerberosOutput) KeyTab() pulumi.StringOutput

Path to the kerberos keytab file on the server with credentials of the service principal.

func (UserFederationKerberosOutput) ServerPrincipal 

func (o UserFederationKerberosOutput) ServerPrincipal() pulumi.StringOutput

The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'.

func (UserFederationKerberosOutput) ToUserFederationKerberosOutput 

func (o UserFederationKerberosOutput) ToUserFederationKerberosOutput() UserFederationKerberosOutput

func (UserFederationKerberosOutput) ToUserFederationKerberosOutputWithContext 

func (o UserFederationKerberosOutput) ToUserFederationKerberosOutputWithContext(ctx context.Context) UserFederationKerberosOutput

func (UserFederationKerberosOutput) ToUserFederationKerberosPtrOutput 

func (o UserFederationKerberosOutput) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput

func (UserFederationKerberosOutput) ToUserFederationKerberosPtrOutputWithContext 

func (o UserFederationKerberosOutput) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput

func (UserFederationKerberosOutput) UseKerberosForPasswordAuthentication 

func (o UserFederationKerberosOutput) UseKerberosForPasswordAuthentication() pulumi.BoolPtrOutput

Use kerberos login module instead of ldap service api. Defaults to `false`.

type UserFederationKerberosPtrInput 

type UserFederationKerberosPtrInput interface {
	pulumi.Input

	ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput
	ToUserFederationKerberosPtrOutputWithContext(context.Context) UserFederationKerberosPtrOutput
}

UserFederationKerberosPtrInput is an input type that accepts UserFederationKerberosArgs, UserFederationKerberosPtr and UserFederationKerberosPtrOutput values. You can construct a concrete instance of `UserFederationKerberosPtrInput` via: 

        UserFederationKerberosArgs{...}

or:

        nil

func UserFederationKerberosPtr 

func UserFederationKerberosPtr(v *UserFederationKerberosArgs) UserFederationKerberosPtrInput

type UserFederationKerberosPtrOutput 

type UserFederationKerberosPtrOutput struct{ *pulumi.OutputState }

func (UserFederationKerberosPtrOutput) Elem 

func (o UserFederationKerberosPtrOutput) Elem() UserFederationKerberosOutput

func (UserFederationKerberosPtrOutput) ElementType 

func (UserFederationKerberosPtrOutput) ElementType() reflect.Type

func (UserFederationKerberosPtrOutput) KerberosRealm 

func (o UserFederationKerberosPtrOutput) KerberosRealm() pulumi.StringPtrOutput

The name of the kerberos realm, e.g. FOO.LOCAL.

func (UserFederationKerberosPtrOutput) KeyTab 

func (o UserFederationKerberosPtrOutput) KeyTab() pulumi.StringPtrOutput

Path to the kerberos keytab file on the server with credentials of the service principal.

func (UserFederationKerberosPtrOutput) ServerPrincipal 

func (o UserFederationKerberosPtrOutput) ServerPrincipal() pulumi.StringPtrOutput

The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'.

func (UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutput 

func (o UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput

func (UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutputWithContext 

func (o UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput

func (UserFederationKerberosPtrOutput) UseKerberosForPasswordAuthentication 

func (o UserFederationKerberosPtrOutput) UseKerberosForPasswordAuthentication() pulumi.BoolPtrOutput

Use kerberos login module instead of ldap service api. Defaults to `false`.

type UserFederationMap added in v3.4.1 

type UserFederationMap map[string]UserFederationInput

func (UserFederationMap) ElementType added in v3.4.1 

func (UserFederationMap) ElementType() reflect.Type

func (UserFederationMap) ToUserFederationMapOutput added in v3.4.1 

func (i UserFederationMap) ToUserFederationMapOutput() UserFederationMapOutput

func (UserFederationMap) ToUserFederationMapOutputWithContext added in v3.4.1 

func (i UserFederationMap) ToUserFederationMapOutputWithContext(ctx context.Context) UserFederationMapOutput

type UserFederationMapInput added in v3.4.1 

type UserFederationMapInput interface {
	pulumi.Input

	ToUserFederationMapOutput() UserFederationMapOutput
	ToUserFederationMapOutputWithContext(context.Context) UserFederationMapOutput
}

UserFederationMapInput is an input type that accepts UserFederationMap and UserFederationMapOutput values. You can construct a concrete instance of `UserFederationMapInput` via: 

UserFederationMap{ "key": UserFederationArgs{...} }

type UserFederationMapOutput added in v3.4.1 

type UserFederationMapOutput struct{ *pulumi.OutputState }

func (UserFederationMapOutput) ElementType added in v3.4.1 

func (UserFederationMapOutput) ElementType() reflect.Type

func (UserFederationMapOutput) MapIndex added in v3.4.1 

func (o UserFederationMapOutput) MapIndex(k pulumi.StringInput) UserFederationOutput

func (UserFederationMapOutput) ToUserFederationMapOutput added in v3.4.1 

func (o UserFederationMapOutput) ToUserFederationMapOutput() UserFederationMapOutput

func (UserFederationMapOutput) ToUserFederationMapOutputWithContext added in v3.4.1 

func (o UserFederationMapOutput) ToUserFederationMapOutputWithContext(ctx context.Context) UserFederationMapOutput

type UserFederationOutput added in v3.1.1 

type UserFederationOutput struct {
	*pulumi.OutputState
}

func (UserFederationOutput) ElementType added in v3.1.1 

func (UserFederationOutput) ElementType() reflect.Type

func (UserFederationOutput) ToUserFederationOutput added in v3.1.1 

func (o UserFederationOutput) ToUserFederationOutput() UserFederationOutput

func (UserFederationOutput) ToUserFederationOutputWithContext added in v3.1.1 

func (o UserFederationOutput) ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput

func (UserFederationOutput) ToUserFederationPtrOutput added in v3.4.1 

func (o UserFederationOutput) ToUserFederationPtrOutput() UserFederationPtrOutput

func (UserFederationOutput) ToUserFederationPtrOutputWithContext added in v3.4.1 

func (o UserFederationOutput) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput

type UserFederationPtrInput added in v3.4.1 

type UserFederationPtrInput interface {
	pulumi.Input

	ToUserFederationPtrOutput() UserFederationPtrOutput
	ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput
}

type UserFederationPtrOutput added in v3.4.1 

type UserFederationPtrOutput struct {
	*pulumi.OutputState
}

func (UserFederationPtrOutput) ElementType added in v3.4.1 

func (UserFederationPtrOutput) ElementType() reflect.Type

func (UserFederationPtrOutput) ToUserFederationPtrOutput added in v3.4.1 

func (o UserFederationPtrOutput) ToUserFederationPtrOutput() UserFederationPtrOutput

func (UserFederationPtrOutput) ToUserFederationPtrOutputWithContext added in v3.4.1 

func (o UserFederationPtrOutput) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput

type UserFederationState 

type UserFederationState struct {
	// The number of users to sync within a single transaction. Defaults to `1000`.
	BatchSizeForSync pulumi.IntPtrInput
	// Password of LDAP admin. This attribute must be set if `bindDn` is set.
	BindCredential pulumi.StringPtrInput
	// DN of LDAP admin, which will be used by Keycloak to access LDAP server. This attribute must be set if `bindCredential` is set.
	BindDn pulumi.StringPtrInput
	// A block containing the cache settings.
	Cache UserFederationCachePtrInput
	// **Deprecated** Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.
	//
	// Deprecated: use cache.policy instead
	CachePolicy pulumi.StringPtrInput
	// How frequently Keycloak should sync changed LDAP users, in seconds. Omit this property to disable periodic changed users sync.
	ChangedSyncPeriod pulumi.IntPtrInput
	// LDAP connection timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String).
	ConnectionTimeout pulumi.StringPtrInput
	// Connection URL to the LDAP server.
	ConnectionUrl pulumi.StringPtrInput
	// Additional LDAP filter for filtering searched users. Must begin with `(` and end with `)`.
	CustomUserSearchFilter pulumi.StringPtrInput
	// Can be one of `READ_ONLY`, `WRITABLE`, or `UNSYNCED`. `UNSYNCED` allows user data to be imported but not synced back to LDAP. Defaults to `READ_ONLY`.
	EditMode pulumi.StringPtrInput
	// When `false`, this provider will not be used when performing queries for users. Defaults to `true`.
	Enabled pulumi.BoolPtrInput
	// How frequently Keycloak should sync all LDAP users, in seconds. Omit this property to disable periodic full sync.
	FullSyncPeriod pulumi.IntPtrInput
	// When `true`, LDAP users will be imported into the Keycloak database. Defaults to `true`.
	ImportEnabled pulumi.BoolPtrInput
	// A block containing the kerberos settings.
	Kerberos UserFederationKerberosPtrInput
	// Display name of the provider when displayed in the console.
	Name pulumi.StringPtrInput
	// When true, Keycloak assumes the LDAP server supports pagination. Defaults to `true`.
	Pagination pulumi.BoolPtrInput
	// Priority of this provider when looking up users. Lower values are first. Defaults to `0`.
	Priority pulumi.IntPtrInput
	// Name of the LDAP attribute to use as the relative distinguished name.
	RdnLdapAttribute pulumi.StringPtrInput
	// LDAP read timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String).
	ReadTimeout pulumi.StringPtrInput
	// The realm that this provider will provide user federation for.
	RealmId pulumi.StringPtrInput
	// Can be one of `ONE_LEVEL` or `SUBTREE`:
	// - `ONE_LEVEL`: Only search for users in the DN specified by `userDn`.
	// - `SUBTREE`: Search entire LDAP subtree.
	SearchScope pulumi.StringPtrInput
	// When `true`, newly created users will be synced back to LDAP. Defaults to `false`.
	SyncRegistrations pulumi.BoolPtrInput
	// Can be one of `ALWAYS`, `ONLY_FOR_LDAPS`, or `NEVER`:
	UseTruststoreSpi pulumi.StringPtrInput
	// Array of all values of LDAP objectClass attribute for users in LDAP. Must contain at least one.
	UserObjectClasses pulumi.StringArrayInput
	// Name of the LDAP attribute to use as the Keycloak username.
	UsernameLdapAttribute pulumi.StringPtrInput
	// Full DN of LDAP tree where your users are.
	UsersDn pulumi.StringPtrInput
	// Name of the LDAP attribute to use as a unique object identifier for objects in LDAP.
	UuidLdapAttribute pulumi.StringPtrInput
	// When `true`, Keycloak will validate passwords using the realm policy before updating it.
	ValidatePasswordPolicy pulumi.BoolPtrInput
	// Can be one of `OTHER`, `EDIRECTORY`, `AD`, `RHDS`, or `TIVOLI`. When this is selected in the GUI, it provides reasonable defaults for other fields. When used with the Keycloak API, this attribute does nothing, but is still required. Defaults to `OTHER`.
	Vendor pulumi.StringPtrInput
}

func (UserFederationState) ElementType 

func (UserFederationState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.