Documentation ¶
Index ¶
- type FullNameMapper
- func (*FullNameMapper) ElementType() reflect.Type
- func (i *FullNameMapper) ToFullNameMapperOutput() FullNameMapperOutput
- func (i *FullNameMapper) ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput
- func (i *FullNameMapper) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput
- func (i *FullNameMapper) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput
- type FullNameMapperArgs
- type FullNameMapperArray
- type FullNameMapperArrayInput
- type FullNameMapperArrayOutput
- func (FullNameMapperArrayOutput) ElementType() reflect.Type
- func (o FullNameMapperArrayOutput) Index(i pulumi.IntInput) FullNameMapperOutput
- func (o FullNameMapperArrayOutput) ToFullNameMapperArrayOutput() FullNameMapperArrayOutput
- func (o FullNameMapperArrayOutput) ToFullNameMapperArrayOutputWithContext(ctx context.Context) FullNameMapperArrayOutput
- type FullNameMapperInput
- type FullNameMapperMap
- type FullNameMapperMapInput
- type FullNameMapperMapOutput
- func (FullNameMapperMapOutput) ElementType() reflect.Type
- func (o FullNameMapperMapOutput) MapIndex(k pulumi.StringInput) FullNameMapperOutput
- func (o FullNameMapperMapOutput) ToFullNameMapperMapOutput() FullNameMapperMapOutput
- func (o FullNameMapperMapOutput) ToFullNameMapperMapOutputWithContext(ctx context.Context) FullNameMapperMapOutput
- type FullNameMapperOutput
- func (FullNameMapperOutput) ElementType() reflect.Type
- func (o FullNameMapperOutput) ToFullNameMapperOutput() FullNameMapperOutput
- func (o FullNameMapperOutput) ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput
- func (o FullNameMapperOutput) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput
- func (o FullNameMapperOutput) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput
- type FullNameMapperPtrInput
- type FullNameMapperPtrOutput
- type FullNameMapperState
- type GroupMapper
- func (*GroupMapper) ElementType() reflect.Type
- func (i *GroupMapper) ToGroupMapperOutput() GroupMapperOutput
- func (i *GroupMapper) ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput
- func (i *GroupMapper) ToGroupMapperPtrOutput() GroupMapperPtrOutput
- func (i *GroupMapper) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput
- type GroupMapperArgs
- type GroupMapperArray
- type GroupMapperArrayInput
- type GroupMapperArrayOutput
- func (GroupMapperArrayOutput) ElementType() reflect.Type
- func (o GroupMapperArrayOutput) Index(i pulumi.IntInput) GroupMapperOutput
- func (o GroupMapperArrayOutput) ToGroupMapperArrayOutput() GroupMapperArrayOutput
- func (o GroupMapperArrayOutput) ToGroupMapperArrayOutputWithContext(ctx context.Context) GroupMapperArrayOutput
- type GroupMapperInput
- type GroupMapperMap
- type GroupMapperMapInput
- type GroupMapperMapOutput
- func (GroupMapperMapOutput) ElementType() reflect.Type
- func (o GroupMapperMapOutput) MapIndex(k pulumi.StringInput) GroupMapperOutput
- func (o GroupMapperMapOutput) ToGroupMapperMapOutput() GroupMapperMapOutput
- func (o GroupMapperMapOutput) ToGroupMapperMapOutputWithContext(ctx context.Context) GroupMapperMapOutput
- type GroupMapperOutput
- func (GroupMapperOutput) ElementType() reflect.Type
- func (o GroupMapperOutput) ToGroupMapperOutput() GroupMapperOutput
- func (o GroupMapperOutput) ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput
- func (o GroupMapperOutput) ToGroupMapperPtrOutput() GroupMapperPtrOutput
- func (o GroupMapperOutput) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput
- type GroupMapperPtrInput
- type GroupMapperPtrOutput
- type GroupMapperState
- type HardcodedGroupMapper
- func (*HardcodedGroupMapper) ElementType() reflect.Type
- func (i *HardcodedGroupMapper) ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput
- func (i *HardcodedGroupMapper) ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput
- func (i *HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput
- func (i *HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput
- type HardcodedGroupMapperArgs
- type HardcodedGroupMapperArray
- type HardcodedGroupMapperArrayInput
- type HardcodedGroupMapperArrayOutput
- func (HardcodedGroupMapperArrayOutput) ElementType() reflect.Type
- func (o HardcodedGroupMapperArrayOutput) Index(i pulumi.IntInput) HardcodedGroupMapperOutput
- func (o HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutput() HardcodedGroupMapperArrayOutput
- func (o HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutputWithContext(ctx context.Context) HardcodedGroupMapperArrayOutput
- type HardcodedGroupMapperInput
- type HardcodedGroupMapperMap
- type HardcodedGroupMapperMapInput
- type HardcodedGroupMapperMapOutput
- func (HardcodedGroupMapperMapOutput) ElementType() reflect.Type
- func (o HardcodedGroupMapperMapOutput) MapIndex(k pulumi.StringInput) HardcodedGroupMapperOutput
- func (o HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutput() HardcodedGroupMapperMapOutput
- func (o HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutputWithContext(ctx context.Context) HardcodedGroupMapperMapOutput
- type HardcodedGroupMapperOutput
- func (HardcodedGroupMapperOutput) ElementType() reflect.Type
- func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput
- func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput
- func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput
- func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput
- type HardcodedGroupMapperPtrInput
- type HardcodedGroupMapperPtrOutput
- type HardcodedGroupMapperState
- type HardcodedRoleMapper
- func (*HardcodedRoleMapper) ElementType() reflect.Type
- func (i *HardcodedRoleMapper) ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput
- func (i *HardcodedRoleMapper) ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput
- func (i *HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput
- func (i *HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput
- type HardcodedRoleMapperArgs
- type HardcodedRoleMapperArray
- type HardcodedRoleMapperArrayInput
- type HardcodedRoleMapperArrayOutput
- func (HardcodedRoleMapperArrayOutput) ElementType() reflect.Type
- func (o HardcodedRoleMapperArrayOutput) Index(i pulumi.IntInput) HardcodedRoleMapperOutput
- func (o HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutput() HardcodedRoleMapperArrayOutput
- func (o HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutputWithContext(ctx context.Context) HardcodedRoleMapperArrayOutput
- type HardcodedRoleMapperInput
- type HardcodedRoleMapperMap
- type HardcodedRoleMapperMapInput
- type HardcodedRoleMapperMapOutput
- func (HardcodedRoleMapperMapOutput) ElementType() reflect.Type
- func (o HardcodedRoleMapperMapOutput) MapIndex(k pulumi.StringInput) HardcodedRoleMapperOutput
- func (o HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutput() HardcodedRoleMapperMapOutput
- func (o HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutputWithContext(ctx context.Context) HardcodedRoleMapperMapOutput
- type HardcodedRoleMapperOutput
- func (HardcodedRoleMapperOutput) ElementType() reflect.Type
- func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput
- func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput
- func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput
- func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput
- type HardcodedRoleMapperPtrInput
- type HardcodedRoleMapperPtrOutput
- type HardcodedRoleMapperState
- type MsadLdsUserAccountControlMapper
- func GetMsadLdsUserAccountControlMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, ...) (*MsadLdsUserAccountControlMapper, error)
- func NewMsadLdsUserAccountControlMapper(ctx *pulumi.Context, name string, args *MsadLdsUserAccountControlMapperArgs, ...) (*MsadLdsUserAccountControlMapper, error)
- func (*MsadLdsUserAccountControlMapper) ElementType() reflect.Type
- func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput
- func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput
- func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput
- func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput
- type MsadLdsUserAccountControlMapperArgs
- type MsadLdsUserAccountControlMapperArray
- func (MsadLdsUserAccountControlMapperArray) ElementType() reflect.Type
- func (i MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput
- func (i MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperArrayOutput
- type MsadLdsUserAccountControlMapperArrayInput
- type MsadLdsUserAccountControlMapperArrayOutput
- func (MsadLdsUserAccountControlMapperArrayOutput) ElementType() reflect.Type
- func (o MsadLdsUserAccountControlMapperArrayOutput) Index(i pulumi.IntInput) MsadLdsUserAccountControlMapperOutput
- func (o MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput
- func (o MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperArrayOutput
- type MsadLdsUserAccountControlMapperInput
- type MsadLdsUserAccountControlMapperMap
- func (MsadLdsUserAccountControlMapperMap) ElementType() reflect.Type
- func (i MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput
- func (i MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperMapOutput
- type MsadLdsUserAccountControlMapperMapInput
- type MsadLdsUserAccountControlMapperMapOutput
- func (MsadLdsUserAccountControlMapperMapOutput) ElementType() reflect.Type
- func (o MsadLdsUserAccountControlMapperMapOutput) MapIndex(k pulumi.StringInput) MsadLdsUserAccountControlMapperOutput
- func (o MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput
- func (o MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperMapOutput
- type MsadLdsUserAccountControlMapperOutput
- func (MsadLdsUserAccountControlMapperOutput) ElementType() reflect.Type
- func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput
- func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput
- func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput
- func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput
- type MsadLdsUserAccountControlMapperPtrInput
- type MsadLdsUserAccountControlMapperPtrOutput
- func (MsadLdsUserAccountControlMapperPtrOutput) ElementType() reflect.Type
- func (o MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput
- func (o MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput
- type MsadLdsUserAccountControlMapperState
- type MsadUserAccountControlMapper
- func (*MsadUserAccountControlMapper) ElementType() reflect.Type
- func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput
- func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput
- func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput
- func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput
- type MsadUserAccountControlMapperArgs
- type MsadUserAccountControlMapperArray
- func (MsadUserAccountControlMapperArray) ElementType() reflect.Type
- func (i MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput
- func (i MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadUserAccountControlMapperArrayOutput
- type MsadUserAccountControlMapperArrayInput
- type MsadUserAccountControlMapperArrayOutput
- func (MsadUserAccountControlMapperArrayOutput) ElementType() reflect.Type
- func (o MsadUserAccountControlMapperArrayOutput) Index(i pulumi.IntInput) MsadUserAccountControlMapperOutput
- func (o MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput
- func (o MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadUserAccountControlMapperArrayOutput
- type MsadUserAccountControlMapperInput
- type MsadUserAccountControlMapperMap
- func (MsadUserAccountControlMapperMap) ElementType() reflect.Type
- func (i MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput
- func (i MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadUserAccountControlMapperMapOutput
- type MsadUserAccountControlMapperMapInput
- type MsadUserAccountControlMapperMapOutput
- func (MsadUserAccountControlMapperMapOutput) ElementType() reflect.Type
- func (o MsadUserAccountControlMapperMapOutput) MapIndex(k pulumi.StringInput) MsadUserAccountControlMapperOutput
- func (o MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput
- func (o MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadUserAccountControlMapperMapOutput
- type MsadUserAccountControlMapperOutput
- func (MsadUserAccountControlMapperOutput) ElementType() reflect.Type
- func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput
- func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput
- func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput
- func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput
- type MsadUserAccountControlMapperPtrInput
- type MsadUserAccountControlMapperPtrOutput
- func (MsadUserAccountControlMapperPtrOutput) ElementType() reflect.Type
- func (o MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput
- func (o MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput
- type MsadUserAccountControlMapperState
- type RoleMapper
- func (*RoleMapper) ElementType() reflect.Type
- func (i *RoleMapper) ToRoleMapperOutput() RoleMapperOutput
- func (i *RoleMapper) ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput
- func (i *RoleMapper) ToRoleMapperPtrOutput() RoleMapperPtrOutput
- func (i *RoleMapper) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput
- type RoleMapperArgs
- type RoleMapperArray
- type RoleMapperArrayInput
- type RoleMapperArrayOutput
- func (RoleMapperArrayOutput) ElementType() reflect.Type
- func (o RoleMapperArrayOutput) Index(i pulumi.IntInput) RoleMapperOutput
- func (o RoleMapperArrayOutput) ToRoleMapperArrayOutput() RoleMapperArrayOutput
- func (o RoleMapperArrayOutput) ToRoleMapperArrayOutputWithContext(ctx context.Context) RoleMapperArrayOutput
- type RoleMapperInput
- type RoleMapperMap
- type RoleMapperMapInput
- type RoleMapperMapOutput
- func (RoleMapperMapOutput) ElementType() reflect.Type
- func (o RoleMapperMapOutput) MapIndex(k pulumi.StringInput) RoleMapperOutput
- func (o RoleMapperMapOutput) ToRoleMapperMapOutput() RoleMapperMapOutput
- func (o RoleMapperMapOutput) ToRoleMapperMapOutputWithContext(ctx context.Context) RoleMapperMapOutput
- type RoleMapperOutput
- func (RoleMapperOutput) ElementType() reflect.Type
- func (o RoleMapperOutput) ToRoleMapperOutput() RoleMapperOutput
- func (o RoleMapperOutput) ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput
- func (o RoleMapperOutput) ToRoleMapperPtrOutput() RoleMapperPtrOutput
- func (o RoleMapperOutput) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput
- type RoleMapperPtrInput
- type RoleMapperPtrOutput
- type RoleMapperState
- type UserAttributeMapper
- func (*UserAttributeMapper) ElementType() reflect.Type
- func (i *UserAttributeMapper) ToUserAttributeMapperOutput() UserAttributeMapperOutput
- func (i *UserAttributeMapper) ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput
- func (i *UserAttributeMapper) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput
- func (i *UserAttributeMapper) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput
- type UserAttributeMapperArgs
- type UserAttributeMapperArray
- type UserAttributeMapperArrayInput
- type UserAttributeMapperArrayOutput
- func (UserAttributeMapperArrayOutput) ElementType() reflect.Type
- func (o UserAttributeMapperArrayOutput) Index(i pulumi.IntInput) UserAttributeMapperOutput
- func (o UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutput() UserAttributeMapperArrayOutput
- func (o UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutputWithContext(ctx context.Context) UserAttributeMapperArrayOutput
- type UserAttributeMapperInput
- type UserAttributeMapperMap
- type UserAttributeMapperMapInput
- type UserAttributeMapperMapOutput
- func (UserAttributeMapperMapOutput) ElementType() reflect.Type
- func (o UserAttributeMapperMapOutput) MapIndex(k pulumi.StringInput) UserAttributeMapperOutput
- func (o UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutput() UserAttributeMapperMapOutput
- func (o UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutputWithContext(ctx context.Context) UserAttributeMapperMapOutput
- type UserAttributeMapperOutput
- func (UserAttributeMapperOutput) ElementType() reflect.Type
- func (o UserAttributeMapperOutput) ToUserAttributeMapperOutput() UserAttributeMapperOutput
- func (o UserAttributeMapperOutput) ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput
- func (o UserAttributeMapperOutput) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput
- func (o UserAttributeMapperOutput) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput
- type UserAttributeMapperPtrInput
- type UserAttributeMapperPtrOutput
- type UserAttributeMapperState
- type UserFederation
- func (*UserFederation) ElementType() reflect.Type
- func (i *UserFederation) ToUserFederationOutput() UserFederationOutput
- func (i *UserFederation) ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput
- func (i *UserFederation) ToUserFederationPtrOutput() UserFederationPtrOutput
- func (i *UserFederation) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput
- type UserFederationArgs
- type UserFederationArray
- type UserFederationArrayInput
- type UserFederationArrayOutput
- func (UserFederationArrayOutput) ElementType() reflect.Type
- func (o UserFederationArrayOutput) Index(i pulumi.IntInput) UserFederationOutput
- func (o UserFederationArrayOutput) ToUserFederationArrayOutput() UserFederationArrayOutput
- func (o UserFederationArrayOutput) ToUserFederationArrayOutputWithContext(ctx context.Context) UserFederationArrayOutput
- type UserFederationCache
- type UserFederationCacheArgs
- func (UserFederationCacheArgs) ElementType() reflect.Type
- func (i UserFederationCacheArgs) ToUserFederationCacheOutput() UserFederationCacheOutput
- func (i UserFederationCacheArgs) ToUserFederationCacheOutputWithContext(ctx context.Context) UserFederationCacheOutput
- func (i UserFederationCacheArgs) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput
- func (i UserFederationCacheArgs) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput
- type UserFederationCacheInput
- type UserFederationCacheOutput
- func (UserFederationCacheOutput) ElementType() reflect.Type
- func (o UserFederationCacheOutput) EvictionDay() pulumi.IntPtrOutput
- func (o UserFederationCacheOutput) EvictionHour() pulumi.IntPtrOutput
- func (o UserFederationCacheOutput) EvictionMinute() pulumi.IntPtrOutput
- func (o UserFederationCacheOutput) MaxLifespan() pulumi.StringPtrOutput
- func (o UserFederationCacheOutput) Policy() pulumi.StringPtrOutput
- func (o UserFederationCacheOutput) ToUserFederationCacheOutput() UserFederationCacheOutput
- func (o UserFederationCacheOutput) ToUserFederationCacheOutputWithContext(ctx context.Context) UserFederationCacheOutput
- func (o UserFederationCacheOutput) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput
- func (o UserFederationCacheOutput) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput
- type UserFederationCachePtrInput
- type UserFederationCachePtrOutput
- func (o UserFederationCachePtrOutput) Elem() UserFederationCacheOutput
- func (UserFederationCachePtrOutput) ElementType() reflect.Type
- func (o UserFederationCachePtrOutput) EvictionDay() pulumi.IntPtrOutput
- func (o UserFederationCachePtrOutput) EvictionHour() pulumi.IntPtrOutput
- func (o UserFederationCachePtrOutput) EvictionMinute() pulumi.IntPtrOutput
- func (o UserFederationCachePtrOutput) MaxLifespan() pulumi.StringPtrOutput
- func (o UserFederationCachePtrOutput) Policy() pulumi.StringPtrOutput
- func (o UserFederationCachePtrOutput) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput
- func (o UserFederationCachePtrOutput) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput
- type UserFederationInput
- type UserFederationKerberos
- type UserFederationKerberosArgs
- func (UserFederationKerberosArgs) ElementType() reflect.Type
- func (i UserFederationKerberosArgs) ToUserFederationKerberosOutput() UserFederationKerberosOutput
- func (i UserFederationKerberosArgs) ToUserFederationKerberosOutputWithContext(ctx context.Context) UserFederationKerberosOutput
- func (i UserFederationKerberosArgs) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput
- func (i UserFederationKerberosArgs) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput
- type UserFederationKerberosInput
- type UserFederationKerberosOutput
- func (UserFederationKerberosOutput) ElementType() reflect.Type
- func (o UserFederationKerberosOutput) KerberosRealm() pulumi.StringOutput
- func (o UserFederationKerberosOutput) KeyTab() pulumi.StringOutput
- func (o UserFederationKerberosOutput) ServerPrincipal() pulumi.StringOutput
- func (o UserFederationKerberosOutput) ToUserFederationKerberosOutput() UserFederationKerberosOutput
- func (o UserFederationKerberosOutput) ToUserFederationKerberosOutputWithContext(ctx context.Context) UserFederationKerberosOutput
- func (o UserFederationKerberosOutput) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput
- func (o UserFederationKerberosOutput) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput
- func (o UserFederationKerberosOutput) UseKerberosForPasswordAuthentication() pulumi.BoolPtrOutput
- type UserFederationKerberosPtrInput
- type UserFederationKerberosPtrOutput
- func (o UserFederationKerberosPtrOutput) Elem() UserFederationKerberosOutput
- func (UserFederationKerberosPtrOutput) ElementType() reflect.Type
- func (o UserFederationKerberosPtrOutput) KerberosRealm() pulumi.StringPtrOutput
- func (o UserFederationKerberosPtrOutput) KeyTab() pulumi.StringPtrOutput
- func (o UserFederationKerberosPtrOutput) ServerPrincipal() pulumi.StringPtrOutput
- func (o UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput
- func (o UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput
- func (o UserFederationKerberosPtrOutput) UseKerberosForPasswordAuthentication() pulumi.BoolPtrOutput
- type UserFederationMap
- type UserFederationMapInput
- type UserFederationMapOutput
- func (UserFederationMapOutput) ElementType() reflect.Type
- func (o UserFederationMapOutput) MapIndex(k pulumi.StringInput) UserFederationOutput
- func (o UserFederationMapOutput) ToUserFederationMapOutput() UserFederationMapOutput
- func (o UserFederationMapOutput) ToUserFederationMapOutputWithContext(ctx context.Context) UserFederationMapOutput
- type UserFederationOutput
- func (UserFederationOutput) ElementType() reflect.Type
- func (o UserFederationOutput) ToUserFederationOutput() UserFederationOutput
- func (o UserFederationOutput) ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput
- func (o UserFederationOutput) ToUserFederationPtrOutput() UserFederationPtrOutput
- func (o UserFederationOutput) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput
- type UserFederationPtrInput
- type UserFederationPtrOutput
- type UserFederationState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FullNameMapper ¶
type FullNameMapper struct { pulumi.CustomResourceState // The name of the LDAP attribute containing the user's full name. LdapFullNameAttribute pulumi.StringOutput `pulumi:"ldapFullNameAttribute"` // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` // Display name of this mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`. ReadOnly pulumi.BoolPtrOutput `pulumi:"readOnly"` // The realm that this LDAP mapper will exist in. RealmId pulumi.StringOutput `pulumi:"realmId"` // When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`. WriteOnly pulumi.BoolPtrOutput `pulumi:"writeOnly"` }
Allows for creating and managing full name mappers for Keycloak users federated via LDAP.
The LDAP full name mapper can map a user's full name from an LDAP attribute to the first and last name attributes of a Keycloak user.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("entryDN"), UserObjectClasses: pulumi.StringArray{ pulumi.String("simpleSecurityObject"), pulumi.String("organizationalRole"), }, ConnectionUrl: pulumi.String("ldap://openldap"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), }) if err != nil { return err } _, err = ldap.NewFullNameMapper(ctx, "ldapFullNameMapper", &ldap.FullNameMapperArgs{ RealmId: realm.ID(), LdapUserFederationId: ldapUserFederation.ID(), LdapFullNameAttribute: pulumi.String("cn"), }) if err != nil { return err } return nil }) }
```
## Import
LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
```sh
$ pulumi import keycloak:ldap/fullNameMapper:FullNameMapper ldap_full_name_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
```
func GetFullNameMapper ¶
func GetFullNameMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *FullNameMapperState, opts ...pulumi.ResourceOption) (*FullNameMapper, error)
GetFullNameMapper gets an existing FullNameMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewFullNameMapper ¶
func NewFullNameMapper(ctx *pulumi.Context, name string, args *FullNameMapperArgs, opts ...pulumi.ResourceOption) (*FullNameMapper, error)
NewFullNameMapper registers a new resource with the given unique name, arguments, and options.
func (*FullNameMapper) ElementType ¶ added in v3.1.1
func (*FullNameMapper) ElementType() reflect.Type
func (*FullNameMapper) ToFullNameMapperOutput ¶ added in v3.1.1
func (i *FullNameMapper) ToFullNameMapperOutput() FullNameMapperOutput
func (*FullNameMapper) ToFullNameMapperOutputWithContext ¶ added in v3.1.1
func (i *FullNameMapper) ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput
func (*FullNameMapper) ToFullNameMapperPtrOutput ¶ added in v3.4.1
func (i *FullNameMapper) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput
func (*FullNameMapper) ToFullNameMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *FullNameMapper) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput
type FullNameMapperArgs ¶
type FullNameMapperArgs struct { // The name of the LDAP attribute containing the user's full name. LdapFullNameAttribute pulumi.StringInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`. ReadOnly pulumi.BoolPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringInput // When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`. WriteOnly pulumi.BoolPtrInput }
The set of arguments for constructing a FullNameMapper resource.
func (FullNameMapperArgs) ElementType ¶
func (FullNameMapperArgs) ElementType() reflect.Type
type FullNameMapperArray ¶ added in v3.4.1
type FullNameMapperArray []FullNameMapperInput
func (FullNameMapperArray) ElementType ¶ added in v3.4.1
func (FullNameMapperArray) ElementType() reflect.Type
func (FullNameMapperArray) ToFullNameMapperArrayOutput ¶ added in v3.4.1
func (i FullNameMapperArray) ToFullNameMapperArrayOutput() FullNameMapperArrayOutput
func (FullNameMapperArray) ToFullNameMapperArrayOutputWithContext ¶ added in v3.4.1
func (i FullNameMapperArray) ToFullNameMapperArrayOutputWithContext(ctx context.Context) FullNameMapperArrayOutput
type FullNameMapperArrayInput ¶ added in v3.4.1
type FullNameMapperArrayInput interface { pulumi.Input ToFullNameMapperArrayOutput() FullNameMapperArrayOutput ToFullNameMapperArrayOutputWithContext(context.Context) FullNameMapperArrayOutput }
FullNameMapperArrayInput is an input type that accepts FullNameMapperArray and FullNameMapperArrayOutput values. You can construct a concrete instance of `FullNameMapperArrayInput` via:
FullNameMapperArray{ FullNameMapperArgs{...} }
type FullNameMapperArrayOutput ¶ added in v3.4.1
type FullNameMapperArrayOutput struct{ *pulumi.OutputState }
func (FullNameMapperArrayOutput) ElementType ¶ added in v3.4.1
func (FullNameMapperArrayOutput) ElementType() reflect.Type
func (FullNameMapperArrayOutput) Index ¶ added in v3.4.1
func (o FullNameMapperArrayOutput) Index(i pulumi.IntInput) FullNameMapperOutput
func (FullNameMapperArrayOutput) ToFullNameMapperArrayOutput ¶ added in v3.4.1
func (o FullNameMapperArrayOutput) ToFullNameMapperArrayOutput() FullNameMapperArrayOutput
func (FullNameMapperArrayOutput) ToFullNameMapperArrayOutputWithContext ¶ added in v3.4.1
func (o FullNameMapperArrayOutput) ToFullNameMapperArrayOutputWithContext(ctx context.Context) FullNameMapperArrayOutput
type FullNameMapperInput ¶ added in v3.1.1
type FullNameMapperInput interface { pulumi.Input ToFullNameMapperOutput() FullNameMapperOutput ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput }
type FullNameMapperMap ¶ added in v3.4.1
type FullNameMapperMap map[string]FullNameMapperInput
func (FullNameMapperMap) ElementType ¶ added in v3.4.1
func (FullNameMapperMap) ElementType() reflect.Type
func (FullNameMapperMap) ToFullNameMapperMapOutput ¶ added in v3.4.1
func (i FullNameMapperMap) ToFullNameMapperMapOutput() FullNameMapperMapOutput
func (FullNameMapperMap) ToFullNameMapperMapOutputWithContext ¶ added in v3.4.1
func (i FullNameMapperMap) ToFullNameMapperMapOutputWithContext(ctx context.Context) FullNameMapperMapOutput
type FullNameMapperMapInput ¶ added in v3.4.1
type FullNameMapperMapInput interface { pulumi.Input ToFullNameMapperMapOutput() FullNameMapperMapOutput ToFullNameMapperMapOutputWithContext(context.Context) FullNameMapperMapOutput }
FullNameMapperMapInput is an input type that accepts FullNameMapperMap and FullNameMapperMapOutput values. You can construct a concrete instance of `FullNameMapperMapInput` via:
FullNameMapperMap{ "key": FullNameMapperArgs{...} }
type FullNameMapperMapOutput ¶ added in v3.4.1
type FullNameMapperMapOutput struct{ *pulumi.OutputState }
func (FullNameMapperMapOutput) ElementType ¶ added in v3.4.1
func (FullNameMapperMapOutput) ElementType() reflect.Type
func (FullNameMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o FullNameMapperMapOutput) MapIndex(k pulumi.StringInput) FullNameMapperOutput
func (FullNameMapperMapOutput) ToFullNameMapperMapOutput ¶ added in v3.4.1
func (o FullNameMapperMapOutput) ToFullNameMapperMapOutput() FullNameMapperMapOutput
func (FullNameMapperMapOutput) ToFullNameMapperMapOutputWithContext ¶ added in v3.4.1
func (o FullNameMapperMapOutput) ToFullNameMapperMapOutputWithContext(ctx context.Context) FullNameMapperMapOutput
type FullNameMapperOutput ¶ added in v3.1.1
type FullNameMapperOutput struct {
*pulumi.OutputState
}
func (FullNameMapperOutput) ElementType ¶ added in v3.1.1
func (FullNameMapperOutput) ElementType() reflect.Type
func (FullNameMapperOutput) ToFullNameMapperOutput ¶ added in v3.1.1
func (o FullNameMapperOutput) ToFullNameMapperOutput() FullNameMapperOutput
func (FullNameMapperOutput) ToFullNameMapperOutputWithContext ¶ added in v3.1.1
func (o FullNameMapperOutput) ToFullNameMapperOutputWithContext(ctx context.Context) FullNameMapperOutput
func (FullNameMapperOutput) ToFullNameMapperPtrOutput ¶ added in v3.4.1
func (o FullNameMapperOutput) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput
func (FullNameMapperOutput) ToFullNameMapperPtrOutputWithContext ¶ added in v3.4.1
func (o FullNameMapperOutput) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput
type FullNameMapperPtrInput ¶ added in v3.4.1
type FullNameMapperPtrInput interface { pulumi.Input ToFullNameMapperPtrOutput() FullNameMapperPtrOutput ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput }
type FullNameMapperPtrOutput ¶ added in v3.4.1
type FullNameMapperPtrOutput struct {
*pulumi.OutputState
}
func (FullNameMapperPtrOutput) ElementType ¶ added in v3.4.1
func (FullNameMapperPtrOutput) ElementType() reflect.Type
func (FullNameMapperPtrOutput) ToFullNameMapperPtrOutput ¶ added in v3.4.1
func (o FullNameMapperPtrOutput) ToFullNameMapperPtrOutput() FullNameMapperPtrOutput
func (FullNameMapperPtrOutput) ToFullNameMapperPtrOutputWithContext ¶ added in v3.4.1
func (o FullNameMapperPtrOutput) ToFullNameMapperPtrOutputWithContext(ctx context.Context) FullNameMapperPtrOutput
type FullNameMapperState ¶
type FullNameMapperState struct { // The name of the LDAP attribute containing the user's full name. LdapFullNameAttribute pulumi.StringPtrInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // When `true`, updates to a user within Keycloak will not be written back to LDAP. Defaults to `false`. ReadOnly pulumi.BoolPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringPtrInput // When `true`, this mapper will only be used to write updates to LDAP. Defaults to `false`. WriteOnly pulumi.BoolPtrInput }
func (FullNameMapperState) ElementType ¶
func (FullNameMapperState) ElementType() reflect.Type
type GroupMapper ¶
type GroupMapper struct { pulumi.CustomResourceState // When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`. DropNonExistingGroupsDuringSync pulumi.BoolPtrOutput `pulumi:"dropNonExistingGroupsDuringSync"` // The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`. GroupNameLdapAttribute pulumi.StringOutput `pulumi:"groupNameLdapAttribute"` // List of strings representing the object classes for the group. Must contain at least one. GroupObjectClasses pulumi.StringArrayOutput `pulumi:"groupObjectClasses"` // When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`. GroupsLdapFilter pulumi.StringPtrOutput `pulumi:"groupsLdapFilter"` // Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper. GroupsPath pulumi.StringOutput `pulumi:"groupsPath"` // When `true`, missing groups in the hierarchy will be ignored. IgnoreMissingGroups pulumi.BoolPtrOutput `pulumi:"ignoreMissingGroups"` // The LDAP DN where groups can be found. LdapGroupsDn pulumi.StringOutput `pulumi:"ldapGroupsDn"` // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` // Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group. MappedGroupAttributes pulumi.StringArrayOutput `pulumi:"mappedGroupAttributes"` // Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`. MemberofLdapAttribute pulumi.StringPtrOutput `pulumi:"memberofLdapAttribute"` // Can be one of `DN` or `UID`. Defaults to `DN`. MembershipAttributeType pulumi.StringPtrOutput `pulumi:"membershipAttributeType"` // The name of the LDAP attribute that is used for membership mappings. MembershipLdapAttribute pulumi.StringOutput `pulumi:"membershipLdapAttribute"` // The name of the LDAP attribute on a user that is used for membership mappings. MembershipUserLdapAttribute pulumi.StringOutput `pulumi:"membershipUserLdapAttribute"` // Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`. Mode pulumi.StringPtrOutput `pulumi:"mode"` // Display name of this mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak. PreserveGroupInheritance pulumi.BoolPtrOutput `pulumi:"preserveGroupInheritance"` // The realm that this LDAP mapper will exist in. RealmId pulumi.StringOutput `pulumi:"realmId"` // Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`. UserRolesRetrieveStrategy pulumi.StringPtrOutput `pulumi:"userRolesRetrieveStrategy"` }
Allows for creating and managing group mappers for Keycloak users federated via LDAP.
The LDAP group mapper can be used to map an LDAP user's groups from some DN to Keycloak groups. This group mapper will also create the groups within Keycloak if they do not already exist.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("entryDN"), UserObjectClasses: pulumi.StringArray{ pulumi.String("simpleSecurityObject"), pulumi.String("organizationalRole"), }, ConnectionUrl: pulumi.String("ldap://openldap"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), }) if err != nil { return err } _, err = ldap.NewGroupMapper(ctx, "ldapGroupMapper", &ldap.GroupMapperArgs{ RealmId: realm.ID(), LdapUserFederationId: ldapUserFederation.ID(), LdapGroupsDn: pulumi.String("dc=example,dc=org"), GroupNameLdapAttribute: pulumi.String("cn"), GroupObjectClasses: pulumi.StringArray{ pulumi.String("groupOfNames"), }, MembershipAttributeType: pulumi.String("DN"), MembershipLdapAttribute: pulumi.String("member"), MembershipUserLdapAttribute: pulumi.String("cn"), MemberofLdapAttribute: pulumi.String("memberOf"), }) if err != nil { return err } return nil }) }
```
## Import
LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
```sh
$ pulumi import keycloak:ldap/groupMapper:GroupMapper ldap_group_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
```
func GetGroupMapper ¶
func GetGroupMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupMapperState, opts ...pulumi.ResourceOption) (*GroupMapper, error)
GetGroupMapper gets an existing GroupMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupMapper ¶
func NewGroupMapper(ctx *pulumi.Context, name string, args *GroupMapperArgs, opts ...pulumi.ResourceOption) (*GroupMapper, error)
NewGroupMapper registers a new resource with the given unique name, arguments, and options.
func (*GroupMapper) ElementType ¶ added in v3.1.1
func (*GroupMapper) ElementType() reflect.Type
func (*GroupMapper) ToGroupMapperOutput ¶ added in v3.1.1
func (i *GroupMapper) ToGroupMapperOutput() GroupMapperOutput
func (*GroupMapper) ToGroupMapperOutputWithContext ¶ added in v3.1.1
func (i *GroupMapper) ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput
func (*GroupMapper) ToGroupMapperPtrOutput ¶ added in v3.4.1
func (i *GroupMapper) ToGroupMapperPtrOutput() GroupMapperPtrOutput
func (*GroupMapper) ToGroupMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *GroupMapper) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput
type GroupMapperArgs ¶
type GroupMapperArgs struct { // When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`. DropNonExistingGroupsDuringSync pulumi.BoolPtrInput // The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`. GroupNameLdapAttribute pulumi.StringInput // List of strings representing the object classes for the group. Must contain at least one. GroupObjectClasses pulumi.StringArrayInput // When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`. GroupsLdapFilter pulumi.StringPtrInput // Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper. GroupsPath pulumi.StringPtrInput // When `true`, missing groups in the hierarchy will be ignored. IgnoreMissingGroups pulumi.BoolPtrInput // The LDAP DN where groups can be found. LdapGroupsDn pulumi.StringInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput // Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group. MappedGroupAttributes pulumi.StringArrayInput // Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`. MemberofLdapAttribute pulumi.StringPtrInput // Can be one of `DN` or `UID`. Defaults to `DN`. MembershipAttributeType pulumi.StringPtrInput // The name of the LDAP attribute that is used for membership mappings. MembershipLdapAttribute pulumi.StringInput // The name of the LDAP attribute on a user that is used for membership mappings. MembershipUserLdapAttribute pulumi.StringInput // Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`. Mode pulumi.StringPtrInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak. PreserveGroupInheritance pulumi.BoolPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringInput // Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`. UserRolesRetrieveStrategy pulumi.StringPtrInput }
The set of arguments for constructing a GroupMapper resource.
func (GroupMapperArgs) ElementType ¶
func (GroupMapperArgs) ElementType() reflect.Type
type GroupMapperArray ¶ added in v3.4.1
type GroupMapperArray []GroupMapperInput
func (GroupMapperArray) ElementType ¶ added in v3.4.1
func (GroupMapperArray) ElementType() reflect.Type
func (GroupMapperArray) ToGroupMapperArrayOutput ¶ added in v3.4.1
func (i GroupMapperArray) ToGroupMapperArrayOutput() GroupMapperArrayOutput
func (GroupMapperArray) ToGroupMapperArrayOutputWithContext ¶ added in v3.4.1
func (i GroupMapperArray) ToGroupMapperArrayOutputWithContext(ctx context.Context) GroupMapperArrayOutput
type GroupMapperArrayInput ¶ added in v3.4.1
type GroupMapperArrayInput interface { pulumi.Input ToGroupMapperArrayOutput() GroupMapperArrayOutput ToGroupMapperArrayOutputWithContext(context.Context) GroupMapperArrayOutput }
GroupMapperArrayInput is an input type that accepts GroupMapperArray and GroupMapperArrayOutput values. You can construct a concrete instance of `GroupMapperArrayInput` via:
GroupMapperArray{ GroupMapperArgs{...} }
type GroupMapperArrayOutput ¶ added in v3.4.1
type GroupMapperArrayOutput struct{ *pulumi.OutputState }
func (GroupMapperArrayOutput) ElementType ¶ added in v3.4.1
func (GroupMapperArrayOutput) ElementType() reflect.Type
func (GroupMapperArrayOutput) Index ¶ added in v3.4.1
func (o GroupMapperArrayOutput) Index(i pulumi.IntInput) GroupMapperOutput
func (GroupMapperArrayOutput) ToGroupMapperArrayOutput ¶ added in v3.4.1
func (o GroupMapperArrayOutput) ToGroupMapperArrayOutput() GroupMapperArrayOutput
func (GroupMapperArrayOutput) ToGroupMapperArrayOutputWithContext ¶ added in v3.4.1
func (o GroupMapperArrayOutput) ToGroupMapperArrayOutputWithContext(ctx context.Context) GroupMapperArrayOutput
type GroupMapperInput ¶ added in v3.1.1
type GroupMapperInput interface { pulumi.Input ToGroupMapperOutput() GroupMapperOutput ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput }
type GroupMapperMap ¶ added in v3.4.1
type GroupMapperMap map[string]GroupMapperInput
func (GroupMapperMap) ElementType ¶ added in v3.4.1
func (GroupMapperMap) ElementType() reflect.Type
func (GroupMapperMap) ToGroupMapperMapOutput ¶ added in v3.4.1
func (i GroupMapperMap) ToGroupMapperMapOutput() GroupMapperMapOutput
func (GroupMapperMap) ToGroupMapperMapOutputWithContext ¶ added in v3.4.1
func (i GroupMapperMap) ToGroupMapperMapOutputWithContext(ctx context.Context) GroupMapperMapOutput
type GroupMapperMapInput ¶ added in v3.4.1
type GroupMapperMapInput interface { pulumi.Input ToGroupMapperMapOutput() GroupMapperMapOutput ToGroupMapperMapOutputWithContext(context.Context) GroupMapperMapOutput }
GroupMapperMapInput is an input type that accepts GroupMapperMap and GroupMapperMapOutput values. You can construct a concrete instance of `GroupMapperMapInput` via:
GroupMapperMap{ "key": GroupMapperArgs{...} }
type GroupMapperMapOutput ¶ added in v3.4.1
type GroupMapperMapOutput struct{ *pulumi.OutputState }
func (GroupMapperMapOutput) ElementType ¶ added in v3.4.1
func (GroupMapperMapOutput) ElementType() reflect.Type
func (GroupMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o GroupMapperMapOutput) MapIndex(k pulumi.StringInput) GroupMapperOutput
func (GroupMapperMapOutput) ToGroupMapperMapOutput ¶ added in v3.4.1
func (o GroupMapperMapOutput) ToGroupMapperMapOutput() GroupMapperMapOutput
func (GroupMapperMapOutput) ToGroupMapperMapOutputWithContext ¶ added in v3.4.1
func (o GroupMapperMapOutput) ToGroupMapperMapOutputWithContext(ctx context.Context) GroupMapperMapOutput
type GroupMapperOutput ¶ added in v3.1.1
type GroupMapperOutput struct {
*pulumi.OutputState
}
func (GroupMapperOutput) ElementType ¶ added in v3.1.1
func (GroupMapperOutput) ElementType() reflect.Type
func (GroupMapperOutput) ToGroupMapperOutput ¶ added in v3.1.1
func (o GroupMapperOutput) ToGroupMapperOutput() GroupMapperOutput
func (GroupMapperOutput) ToGroupMapperOutputWithContext ¶ added in v3.1.1
func (o GroupMapperOutput) ToGroupMapperOutputWithContext(ctx context.Context) GroupMapperOutput
func (GroupMapperOutput) ToGroupMapperPtrOutput ¶ added in v3.4.1
func (o GroupMapperOutput) ToGroupMapperPtrOutput() GroupMapperPtrOutput
func (GroupMapperOutput) ToGroupMapperPtrOutputWithContext ¶ added in v3.4.1
func (o GroupMapperOutput) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput
type GroupMapperPtrInput ¶ added in v3.4.1
type GroupMapperPtrInput interface { pulumi.Input ToGroupMapperPtrOutput() GroupMapperPtrOutput ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput }
type GroupMapperPtrOutput ¶ added in v3.4.1
type GroupMapperPtrOutput struct {
*pulumi.OutputState
}
func (GroupMapperPtrOutput) ElementType ¶ added in v3.4.1
func (GroupMapperPtrOutput) ElementType() reflect.Type
func (GroupMapperPtrOutput) ToGroupMapperPtrOutput ¶ added in v3.4.1
func (o GroupMapperPtrOutput) ToGroupMapperPtrOutput() GroupMapperPtrOutput
func (GroupMapperPtrOutput) ToGroupMapperPtrOutputWithContext ¶ added in v3.4.1
func (o GroupMapperPtrOutput) ToGroupMapperPtrOutputWithContext(ctx context.Context) GroupMapperPtrOutput
type GroupMapperState ¶
type GroupMapperState struct { // When `true`, groups that no longer exist within LDAP will be dropped in Keycloak during sync. Defaults to `false`. DropNonExistingGroupsDuringSync pulumi.BoolPtrInput // The name of the LDAP attribute that is used in group objects for the name and RDN of the group. Typically `cn`. GroupNameLdapAttribute pulumi.StringPtrInput // List of strings representing the object classes for the group. Must contain at least one. GroupObjectClasses pulumi.StringArrayInput // When specified, adds an additional custom filter to be used when querying for groups. Must start with `(` and end with `)`. GroupsLdapFilter pulumi.StringPtrInput // Keycloak group path the LDAP groups are added to. For example if value `/Applications/App1` is used, then LDAP groups will be available in Keycloak under group `App1`, which is the child of top level group `Applications`. The configured group path must already exist in Keycloak when creating this mapper. GroupsPath pulumi.StringPtrInput // When `true`, missing groups in the hierarchy will be ignored. IgnoreMissingGroups pulumi.BoolPtrInput // The LDAP DN where groups can be found. LdapGroupsDn pulumi.StringPtrInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput // Array of strings representing attributes on the LDAP group which will be mapped to attributes on the Keycloak group. MappedGroupAttributes pulumi.StringArrayInput // Specifies the name of the LDAP attribute on the LDAP user that contains the groups the user is a member of. Defaults to `memberOf`. MemberofLdapAttribute pulumi.StringPtrInput // Can be one of `DN` or `UID`. Defaults to `DN`. MembershipAttributeType pulumi.StringPtrInput // The name of the LDAP attribute that is used for membership mappings. MembershipLdapAttribute pulumi.StringPtrInput // The name of the LDAP attribute on a user that is used for membership mappings. MembershipUserLdapAttribute pulumi.StringPtrInput // Can be one of `READ_ONLY`, `LDAP_ONLY` or `IMPORT`. Defaults to `READ_ONLY`. Mode pulumi.StringPtrInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // When `true`, group inheritance will be propagated from LDAP to Keycloak. When `false`, all LDAP groups will be propagated as top level groups within Keycloak. PreserveGroupInheritance pulumi.BoolPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringPtrInput // Can be one of `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`, `GET_GROUPS_FROM_USER_MEMBEROF_ATTRIBUTE`, or `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE_RECURSIVELY`. Defaults to `LOAD_GROUPS_BY_MEMBER_ATTRIBUTE`. UserRolesRetrieveStrategy pulumi.StringPtrInput }
func (GroupMapperState) ElementType ¶
func (GroupMapperState) ElementType() reflect.Type
type HardcodedGroupMapper ¶
type HardcodedGroupMapper struct { pulumi.CustomResourceState // Group to grant to user. Group pulumi.StringOutput `pulumi:"group"` // The ldap user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` // Display name of the mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // The realm in which the ldap user federation provider exists. RealmId pulumi.StringOutput `pulumi:"realmId"` }
func GetHardcodedGroupMapper ¶
func GetHardcodedGroupMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *HardcodedGroupMapperState, opts ...pulumi.ResourceOption) (*HardcodedGroupMapper, error)
GetHardcodedGroupMapper gets an existing HardcodedGroupMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewHardcodedGroupMapper ¶
func NewHardcodedGroupMapper(ctx *pulumi.Context, name string, args *HardcodedGroupMapperArgs, opts ...pulumi.ResourceOption) (*HardcodedGroupMapper, error)
NewHardcodedGroupMapper registers a new resource with the given unique name, arguments, and options.
func (*HardcodedGroupMapper) ElementType ¶ added in v3.1.1
func (*HardcodedGroupMapper) ElementType() reflect.Type
func (*HardcodedGroupMapper) ToHardcodedGroupMapperOutput ¶ added in v3.1.1
func (i *HardcodedGroupMapper) ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput
func (*HardcodedGroupMapper) ToHardcodedGroupMapperOutputWithContext ¶ added in v3.1.1
func (i *HardcodedGroupMapper) ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput
func (*HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutput ¶ added in v3.4.1
func (i *HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput
func (*HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *HardcodedGroupMapper) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput
type HardcodedGroupMapperArgs ¶
type HardcodedGroupMapperArgs struct { // Group to grant to user. Group pulumi.StringInput // The ldap user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput // Display name of the mapper when displayed in the console. Name pulumi.StringPtrInput // The realm in which the ldap user federation provider exists. RealmId pulumi.StringInput }
The set of arguments for constructing a HardcodedGroupMapper resource.
func (HardcodedGroupMapperArgs) ElementType ¶
func (HardcodedGroupMapperArgs) ElementType() reflect.Type
type HardcodedGroupMapperArray ¶ added in v3.4.1
type HardcodedGroupMapperArray []HardcodedGroupMapperInput
func (HardcodedGroupMapperArray) ElementType ¶ added in v3.4.1
func (HardcodedGroupMapperArray) ElementType() reflect.Type
func (HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutput ¶ added in v3.4.1
func (i HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutput() HardcodedGroupMapperArrayOutput
func (HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutputWithContext ¶ added in v3.4.1
func (i HardcodedGroupMapperArray) ToHardcodedGroupMapperArrayOutputWithContext(ctx context.Context) HardcodedGroupMapperArrayOutput
type HardcodedGroupMapperArrayInput ¶ added in v3.4.1
type HardcodedGroupMapperArrayInput interface { pulumi.Input ToHardcodedGroupMapperArrayOutput() HardcodedGroupMapperArrayOutput ToHardcodedGroupMapperArrayOutputWithContext(context.Context) HardcodedGroupMapperArrayOutput }
HardcodedGroupMapperArrayInput is an input type that accepts HardcodedGroupMapperArray and HardcodedGroupMapperArrayOutput values. You can construct a concrete instance of `HardcodedGroupMapperArrayInput` via:
HardcodedGroupMapperArray{ HardcodedGroupMapperArgs{...} }
type HardcodedGroupMapperArrayOutput ¶ added in v3.4.1
type HardcodedGroupMapperArrayOutput struct{ *pulumi.OutputState }
func (HardcodedGroupMapperArrayOutput) ElementType ¶ added in v3.4.1
func (HardcodedGroupMapperArrayOutput) ElementType() reflect.Type
func (HardcodedGroupMapperArrayOutput) Index ¶ added in v3.4.1
func (o HardcodedGroupMapperArrayOutput) Index(i pulumi.IntInput) HardcodedGroupMapperOutput
func (HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutput ¶ added in v3.4.1
func (o HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutput() HardcodedGroupMapperArrayOutput
func (HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutputWithContext ¶ added in v3.4.1
func (o HardcodedGroupMapperArrayOutput) ToHardcodedGroupMapperArrayOutputWithContext(ctx context.Context) HardcodedGroupMapperArrayOutput
type HardcodedGroupMapperInput ¶ added in v3.1.1
type HardcodedGroupMapperInput interface { pulumi.Input ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput }
type HardcodedGroupMapperMap ¶ added in v3.4.1
type HardcodedGroupMapperMap map[string]HardcodedGroupMapperInput
func (HardcodedGroupMapperMap) ElementType ¶ added in v3.4.1
func (HardcodedGroupMapperMap) ElementType() reflect.Type
func (HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutput ¶ added in v3.4.1
func (i HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutput() HardcodedGroupMapperMapOutput
func (HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutputWithContext ¶ added in v3.4.1
func (i HardcodedGroupMapperMap) ToHardcodedGroupMapperMapOutputWithContext(ctx context.Context) HardcodedGroupMapperMapOutput
type HardcodedGroupMapperMapInput ¶ added in v3.4.1
type HardcodedGroupMapperMapInput interface { pulumi.Input ToHardcodedGroupMapperMapOutput() HardcodedGroupMapperMapOutput ToHardcodedGroupMapperMapOutputWithContext(context.Context) HardcodedGroupMapperMapOutput }
HardcodedGroupMapperMapInput is an input type that accepts HardcodedGroupMapperMap and HardcodedGroupMapperMapOutput values. You can construct a concrete instance of `HardcodedGroupMapperMapInput` via:
HardcodedGroupMapperMap{ "key": HardcodedGroupMapperArgs{...} }
type HardcodedGroupMapperMapOutput ¶ added in v3.4.1
type HardcodedGroupMapperMapOutput struct{ *pulumi.OutputState }
func (HardcodedGroupMapperMapOutput) ElementType ¶ added in v3.4.1
func (HardcodedGroupMapperMapOutput) ElementType() reflect.Type
func (HardcodedGroupMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o HardcodedGroupMapperMapOutput) MapIndex(k pulumi.StringInput) HardcodedGroupMapperOutput
func (HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutput ¶ added in v3.4.1
func (o HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutput() HardcodedGroupMapperMapOutput
func (HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutputWithContext ¶ added in v3.4.1
func (o HardcodedGroupMapperMapOutput) ToHardcodedGroupMapperMapOutputWithContext(ctx context.Context) HardcodedGroupMapperMapOutput
type HardcodedGroupMapperOutput ¶ added in v3.1.1
type HardcodedGroupMapperOutput struct {
*pulumi.OutputState
}
func (HardcodedGroupMapperOutput) ElementType ¶ added in v3.1.1
func (HardcodedGroupMapperOutput) ElementType() reflect.Type
func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutput ¶ added in v3.1.1
func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutput() HardcodedGroupMapperOutput
func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutputWithContext ¶ added in v3.1.1
func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperOutputWithContext(ctx context.Context) HardcodedGroupMapperOutput
func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutput ¶ added in v3.4.1
func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput
func (HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutputWithContext ¶ added in v3.4.1
func (o HardcodedGroupMapperOutput) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput
type HardcodedGroupMapperPtrInput ¶ added in v3.4.1
type HardcodedGroupMapperPtrInput interface { pulumi.Input ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput }
type HardcodedGroupMapperPtrOutput ¶ added in v3.4.1
type HardcodedGroupMapperPtrOutput struct {
*pulumi.OutputState
}
func (HardcodedGroupMapperPtrOutput) ElementType ¶ added in v3.4.1
func (HardcodedGroupMapperPtrOutput) ElementType() reflect.Type
func (HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutput ¶ added in v3.4.1
func (o HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutput() HardcodedGroupMapperPtrOutput
func (HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutputWithContext ¶ added in v3.4.1
func (o HardcodedGroupMapperPtrOutput) ToHardcodedGroupMapperPtrOutputWithContext(ctx context.Context) HardcodedGroupMapperPtrOutput
type HardcodedGroupMapperState ¶
type HardcodedGroupMapperState struct { // Group to grant to user. Group pulumi.StringPtrInput // The ldap user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput // Display name of the mapper when displayed in the console. Name pulumi.StringPtrInput // The realm in which the ldap user federation provider exists. RealmId pulumi.StringPtrInput }
func (HardcodedGroupMapperState) ElementType ¶
func (HardcodedGroupMapperState) ElementType() reflect.Type
type HardcodedRoleMapper ¶
type HardcodedRoleMapper struct { pulumi.CustomResourceState // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` // Display name of this mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // The realm that this LDAP mapper will exist in. RealmId pulumi.StringOutput `pulumi:"realmId"` // The name of the role which should be assigned to the users. Client roles should use the format `{{client_id}}.{{client_role_name}}`. Role pulumi.StringOutput `pulumi:"role"` }
Allows for creating and managing hardcoded role mappers for Keycloak users federated via LDAP.
The LDAP hardcoded role mapper will grant a specified Keycloak role to each Keycloak user linked with LDAP.
## Example Usage ### Realm Role)
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("entryDN"), UserObjectClasses: pulumi.StringArray{ pulumi.String("simpleSecurityObject"), pulumi.String("organizationalRole"), }, ConnectionUrl: pulumi.String("ldap://openldap"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), }) if err != nil { return err } realmAdminRole, err := keycloak.NewRole(ctx, "realmAdminRole", &keycloak.RoleArgs{ RealmId: realm.ID(), Description: pulumi.String("My Realm Role"), }) if err != nil { return err } _, err = ldap.NewHardcodedRoleMapper(ctx, "assignAdminRoleToAllUsers", &ldap.HardcodedRoleMapperArgs{ RealmId: realm.ID(), LdapUserFederationId: ldapUserFederation.ID(), Role: realmAdminRole.Name, }) if err != nil { return err } return nil }) }
``` ### Client Role)
```go package main
import (
"fmt" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/openid" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("entryDN"), UserObjectClasses: pulumi.StringArray{ pulumi.String("simpleSecurityObject"), pulumi.String("organizationalRole"), }, ConnectionUrl: pulumi.String("ldap://openldap"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), }) if err != nil { return err } _, err = ldap.NewHardcodedRoleMapper(ctx, "assignAdminRoleToAllUsers", &ldap.HardcodedRoleMapperArgs{ RealmId: realm.ID(), LdapUserFederationId: ldapUserFederation.ID(), Role: pulumi.All(realmManagement, createClient).ApplyT(func(_args []interface{}) (string, error) { realmManagement := _args[0].(openid.LookupClientResult) createClient := _args[1].(keycloak.LookupRoleResult) return fmt.Sprintf("%v%v%v", realmManagement.ClientId, ".", createClient.Name), nil }).(pulumi.StringOutput), }) if err != nil { return err } return nil }) }
```
## Import
LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
```sh
$ pulumi import keycloak:ldap/hardcodedRoleMapper:HardcodedRoleMapper assign_admin_role_to_all_users my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
```
func GetHardcodedRoleMapper ¶
func GetHardcodedRoleMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *HardcodedRoleMapperState, opts ...pulumi.ResourceOption) (*HardcodedRoleMapper, error)
GetHardcodedRoleMapper gets an existing HardcodedRoleMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewHardcodedRoleMapper ¶
func NewHardcodedRoleMapper(ctx *pulumi.Context, name string, args *HardcodedRoleMapperArgs, opts ...pulumi.ResourceOption) (*HardcodedRoleMapper, error)
NewHardcodedRoleMapper registers a new resource with the given unique name, arguments, and options.
func (*HardcodedRoleMapper) ElementType ¶ added in v3.1.1
func (*HardcodedRoleMapper) ElementType() reflect.Type
func (*HardcodedRoleMapper) ToHardcodedRoleMapperOutput ¶ added in v3.1.1
func (i *HardcodedRoleMapper) ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput
func (*HardcodedRoleMapper) ToHardcodedRoleMapperOutputWithContext ¶ added in v3.1.1
func (i *HardcodedRoleMapper) ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput
func (*HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutput ¶ added in v3.4.1
func (i *HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput
func (*HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *HardcodedRoleMapper) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput
type HardcodedRoleMapperArgs ¶
type HardcodedRoleMapperArgs struct { // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringInput // The name of the role which should be assigned to the users. Client roles should use the format `{{client_id}}.{{client_role_name}}`. Role pulumi.StringInput }
The set of arguments for constructing a HardcodedRoleMapper resource.
func (HardcodedRoleMapperArgs) ElementType ¶
func (HardcodedRoleMapperArgs) ElementType() reflect.Type
type HardcodedRoleMapperArray ¶ added in v3.4.1
type HardcodedRoleMapperArray []HardcodedRoleMapperInput
func (HardcodedRoleMapperArray) ElementType ¶ added in v3.4.1
func (HardcodedRoleMapperArray) ElementType() reflect.Type
func (HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutput ¶ added in v3.4.1
func (i HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutput() HardcodedRoleMapperArrayOutput
func (HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutputWithContext ¶ added in v3.4.1
func (i HardcodedRoleMapperArray) ToHardcodedRoleMapperArrayOutputWithContext(ctx context.Context) HardcodedRoleMapperArrayOutput
type HardcodedRoleMapperArrayInput ¶ added in v3.4.1
type HardcodedRoleMapperArrayInput interface { pulumi.Input ToHardcodedRoleMapperArrayOutput() HardcodedRoleMapperArrayOutput ToHardcodedRoleMapperArrayOutputWithContext(context.Context) HardcodedRoleMapperArrayOutput }
HardcodedRoleMapperArrayInput is an input type that accepts HardcodedRoleMapperArray and HardcodedRoleMapperArrayOutput values. You can construct a concrete instance of `HardcodedRoleMapperArrayInput` via:
HardcodedRoleMapperArray{ HardcodedRoleMapperArgs{...} }
type HardcodedRoleMapperArrayOutput ¶ added in v3.4.1
type HardcodedRoleMapperArrayOutput struct{ *pulumi.OutputState }
func (HardcodedRoleMapperArrayOutput) ElementType ¶ added in v3.4.1
func (HardcodedRoleMapperArrayOutput) ElementType() reflect.Type
func (HardcodedRoleMapperArrayOutput) Index ¶ added in v3.4.1
func (o HardcodedRoleMapperArrayOutput) Index(i pulumi.IntInput) HardcodedRoleMapperOutput
func (HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutput ¶ added in v3.4.1
func (o HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutput() HardcodedRoleMapperArrayOutput
func (HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutputWithContext ¶ added in v3.4.1
func (o HardcodedRoleMapperArrayOutput) ToHardcodedRoleMapperArrayOutputWithContext(ctx context.Context) HardcodedRoleMapperArrayOutput
type HardcodedRoleMapperInput ¶ added in v3.1.1
type HardcodedRoleMapperInput interface { pulumi.Input ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput }
type HardcodedRoleMapperMap ¶ added in v3.4.1
type HardcodedRoleMapperMap map[string]HardcodedRoleMapperInput
func (HardcodedRoleMapperMap) ElementType ¶ added in v3.4.1
func (HardcodedRoleMapperMap) ElementType() reflect.Type
func (HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutput ¶ added in v3.4.1
func (i HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutput() HardcodedRoleMapperMapOutput
func (HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutputWithContext ¶ added in v3.4.1
func (i HardcodedRoleMapperMap) ToHardcodedRoleMapperMapOutputWithContext(ctx context.Context) HardcodedRoleMapperMapOutput
type HardcodedRoleMapperMapInput ¶ added in v3.4.1
type HardcodedRoleMapperMapInput interface { pulumi.Input ToHardcodedRoleMapperMapOutput() HardcodedRoleMapperMapOutput ToHardcodedRoleMapperMapOutputWithContext(context.Context) HardcodedRoleMapperMapOutput }
HardcodedRoleMapperMapInput is an input type that accepts HardcodedRoleMapperMap and HardcodedRoleMapperMapOutput values. You can construct a concrete instance of `HardcodedRoleMapperMapInput` via:
HardcodedRoleMapperMap{ "key": HardcodedRoleMapperArgs{...} }
type HardcodedRoleMapperMapOutput ¶ added in v3.4.1
type HardcodedRoleMapperMapOutput struct{ *pulumi.OutputState }
func (HardcodedRoleMapperMapOutput) ElementType ¶ added in v3.4.1
func (HardcodedRoleMapperMapOutput) ElementType() reflect.Type
func (HardcodedRoleMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o HardcodedRoleMapperMapOutput) MapIndex(k pulumi.StringInput) HardcodedRoleMapperOutput
func (HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutput ¶ added in v3.4.1
func (o HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutput() HardcodedRoleMapperMapOutput
func (HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutputWithContext ¶ added in v3.4.1
func (o HardcodedRoleMapperMapOutput) ToHardcodedRoleMapperMapOutputWithContext(ctx context.Context) HardcodedRoleMapperMapOutput
type HardcodedRoleMapperOutput ¶ added in v3.1.1
type HardcodedRoleMapperOutput struct {
*pulumi.OutputState
}
func (HardcodedRoleMapperOutput) ElementType ¶ added in v3.1.1
func (HardcodedRoleMapperOutput) ElementType() reflect.Type
func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutput ¶ added in v3.1.1
func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutput() HardcodedRoleMapperOutput
func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutputWithContext ¶ added in v3.1.1
func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperOutputWithContext(ctx context.Context) HardcodedRoleMapperOutput
func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutput ¶ added in v3.4.1
func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput
func (HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutputWithContext ¶ added in v3.4.1
func (o HardcodedRoleMapperOutput) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput
type HardcodedRoleMapperPtrInput ¶ added in v3.4.1
type HardcodedRoleMapperPtrInput interface { pulumi.Input ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput }
type HardcodedRoleMapperPtrOutput ¶ added in v3.4.1
type HardcodedRoleMapperPtrOutput struct {
*pulumi.OutputState
}
func (HardcodedRoleMapperPtrOutput) ElementType ¶ added in v3.4.1
func (HardcodedRoleMapperPtrOutput) ElementType() reflect.Type
func (HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutput ¶ added in v3.4.1
func (o HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutput() HardcodedRoleMapperPtrOutput
func (HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutputWithContext ¶ added in v3.4.1
func (o HardcodedRoleMapperPtrOutput) ToHardcodedRoleMapperPtrOutputWithContext(ctx context.Context) HardcodedRoleMapperPtrOutput
type HardcodedRoleMapperState ¶
type HardcodedRoleMapperState struct { // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringPtrInput // The name of the role which should be assigned to the users. Client roles should use the format `{{client_id}}.{{client_role_name}}`. Role pulumi.StringPtrInput }
func (HardcodedRoleMapperState) ElementType ¶
func (HardcodedRoleMapperState) ElementType() reflect.Type
type MsadLdsUserAccountControlMapper ¶
type MsadLdsUserAccountControlMapper struct { pulumi.CustomResourceState // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` // Display name of this mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // The realm that this LDAP mapper will exist in. RealmId pulumi.StringOutput `pulumi:"realmId"` }
Allows for creating and managing MSAD-LDS user account control mappers for Keycloak users federated via LDAP.
The MSAD-LDS (Microsoft Active Directory Lightweight Directory Service) user account control mapper is specific to LDAP user federation providers that are pulling from AD-LDS, and it can propagate AD-LDS user state to Keycloak in order to enforce settings like expired passwords or disabled accounts.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("objectGUID"), UserObjectClasses: pulumi.StringArray{ pulumi.String("person"), pulumi.String("organizationalPerson"), pulumi.String("user"), }, ConnectionUrl: pulumi.String("ldap://my-ad-server"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), }) if err != nil { return err } _, err = ldap.NewMsadLdsUserAccountControlMapper(ctx, "msadLdsUserAccountControlMapper", &ldap.MsadLdsUserAccountControlMapperArgs{ RealmId: realm.ID(), LdapUserFederationId: ldapUserFederation.ID(), }) if err != nil { return err } return nil }) }
```
## Import
LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
```sh
$ pulumi import keycloak:ldap/msadLdsUserAccountControlMapper:MsadLdsUserAccountControlMapper msad_lds_user_account_control_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
```
func GetMsadLdsUserAccountControlMapper ¶
func GetMsadLdsUserAccountControlMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MsadLdsUserAccountControlMapperState, opts ...pulumi.ResourceOption) (*MsadLdsUserAccountControlMapper, error)
GetMsadLdsUserAccountControlMapper gets an existing MsadLdsUserAccountControlMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMsadLdsUserAccountControlMapper ¶
func NewMsadLdsUserAccountControlMapper(ctx *pulumi.Context, name string, args *MsadLdsUserAccountControlMapperArgs, opts ...pulumi.ResourceOption) (*MsadLdsUserAccountControlMapper, error)
NewMsadLdsUserAccountControlMapper registers a new resource with the given unique name, arguments, and options.
func (*MsadLdsUserAccountControlMapper) ElementType ¶ added in v3.1.1
func (*MsadLdsUserAccountControlMapper) ElementType() reflect.Type
func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutput ¶ added in v3.1.1
func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput
func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutputWithContext ¶ added in v3.1.1
func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput
func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutput ¶ added in v3.4.1
func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput
func (*MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *MsadLdsUserAccountControlMapper) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput
type MsadLdsUserAccountControlMapperArgs ¶
type MsadLdsUserAccountControlMapperArgs struct { // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringInput }
The set of arguments for constructing a MsadLdsUserAccountControlMapper resource.
func (MsadLdsUserAccountControlMapperArgs) ElementType ¶
func (MsadLdsUserAccountControlMapperArgs) ElementType() reflect.Type
type MsadLdsUserAccountControlMapperArray ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperArray []MsadLdsUserAccountControlMapperInput
func (MsadLdsUserAccountControlMapperArray) ElementType ¶ added in v3.4.1
func (MsadLdsUserAccountControlMapperArray) ElementType() reflect.Type
func (MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutput ¶ added in v3.4.1
func (i MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput
func (MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutputWithContext ¶ added in v3.4.1
func (i MsadLdsUserAccountControlMapperArray) ToMsadLdsUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperArrayOutput
type MsadLdsUserAccountControlMapperArrayInput ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperArrayInput interface { pulumi.Input ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput ToMsadLdsUserAccountControlMapperArrayOutputWithContext(context.Context) MsadLdsUserAccountControlMapperArrayOutput }
MsadLdsUserAccountControlMapperArrayInput is an input type that accepts MsadLdsUserAccountControlMapperArray and MsadLdsUserAccountControlMapperArrayOutput values. You can construct a concrete instance of `MsadLdsUserAccountControlMapperArrayInput` via:
MsadLdsUserAccountControlMapperArray{ MsadLdsUserAccountControlMapperArgs{...} }
type MsadLdsUserAccountControlMapperArrayOutput ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperArrayOutput struct{ *pulumi.OutputState }
func (MsadLdsUserAccountControlMapperArrayOutput) ElementType ¶ added in v3.4.1
func (MsadLdsUserAccountControlMapperArrayOutput) ElementType() reflect.Type
func (MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutput ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutput() MsadLdsUserAccountControlMapperArrayOutput
func (MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutputWithContext ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperArrayOutput) ToMsadLdsUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperArrayOutput
type MsadLdsUserAccountControlMapperInput ¶ added in v3.1.1
type MsadLdsUserAccountControlMapperInput interface { pulumi.Input ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput }
type MsadLdsUserAccountControlMapperMap ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperMap map[string]MsadLdsUserAccountControlMapperInput
func (MsadLdsUserAccountControlMapperMap) ElementType ¶ added in v3.4.1
func (MsadLdsUserAccountControlMapperMap) ElementType() reflect.Type
func (MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutput ¶ added in v3.4.1
func (i MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput
func (MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutputWithContext ¶ added in v3.4.1
func (i MsadLdsUserAccountControlMapperMap) ToMsadLdsUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperMapOutput
type MsadLdsUserAccountControlMapperMapInput ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperMapInput interface { pulumi.Input ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput ToMsadLdsUserAccountControlMapperMapOutputWithContext(context.Context) MsadLdsUserAccountControlMapperMapOutput }
MsadLdsUserAccountControlMapperMapInput is an input type that accepts MsadLdsUserAccountControlMapperMap and MsadLdsUserAccountControlMapperMapOutput values. You can construct a concrete instance of `MsadLdsUserAccountControlMapperMapInput` via:
MsadLdsUserAccountControlMapperMap{ "key": MsadLdsUserAccountControlMapperArgs{...} }
type MsadLdsUserAccountControlMapperMapOutput ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperMapOutput struct{ *pulumi.OutputState }
func (MsadLdsUserAccountControlMapperMapOutput) ElementType ¶ added in v3.4.1
func (MsadLdsUserAccountControlMapperMapOutput) ElementType() reflect.Type
func (MsadLdsUserAccountControlMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperMapOutput) MapIndex(k pulumi.StringInput) MsadLdsUserAccountControlMapperOutput
func (MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutput ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutput() MsadLdsUserAccountControlMapperMapOutput
func (MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutputWithContext ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperMapOutput) ToMsadLdsUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperMapOutput
type MsadLdsUserAccountControlMapperOutput ¶ added in v3.1.1
type MsadLdsUserAccountControlMapperOutput struct {
*pulumi.OutputState
}
func (MsadLdsUserAccountControlMapperOutput) ElementType ¶ added in v3.1.1
func (MsadLdsUserAccountControlMapperOutput) ElementType() reflect.Type
func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutput ¶ added in v3.1.1
func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutput() MsadLdsUserAccountControlMapperOutput
func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutputWithContext ¶ added in v3.1.1
func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperOutput
func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutput ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput
func (MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput
type MsadLdsUserAccountControlMapperPtrInput ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperPtrInput interface { pulumi.Input ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput }
type MsadLdsUserAccountControlMapperPtrOutput ¶ added in v3.4.1
type MsadLdsUserAccountControlMapperPtrOutput struct {
*pulumi.OutputState
}
func (MsadLdsUserAccountControlMapperPtrOutput) ElementType ¶ added in v3.4.1
func (MsadLdsUserAccountControlMapperPtrOutput) ElementType() reflect.Type
func (MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutput ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutput() MsadLdsUserAccountControlMapperPtrOutput
func (MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext ¶ added in v3.4.1
func (o MsadLdsUserAccountControlMapperPtrOutput) ToMsadLdsUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadLdsUserAccountControlMapperPtrOutput
type MsadLdsUserAccountControlMapperState ¶
type MsadLdsUserAccountControlMapperState struct { // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringPtrInput }
func (MsadLdsUserAccountControlMapperState) ElementType ¶
func (MsadLdsUserAccountControlMapperState) ElementType() reflect.Type
type MsadUserAccountControlMapper ¶
type MsadUserAccountControlMapper struct { pulumi.CustomResourceState // When `true`, advanced password policies, such as password hints and previous password history will be used when writing new passwords to AD. Defaults to `false`. LdapPasswordPolicyHintsEnabled pulumi.BoolPtrOutput `pulumi:"ldapPasswordPolicyHintsEnabled"` // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` // Display name of this mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // The realm that this LDAP mapper will exist in. RealmId pulumi.StringOutput `pulumi:"realmId"` }
Allows for creating and managing MSAD user account control mappers for Keycloak users federated via LDAP.
The MSAD (Microsoft Active Directory) user account control mapper is specific to LDAP user federation providers that are pulling from AD, and it can propagate AD user state to Keycloak in order to enforce settings like expired passwords or disabled accounts.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("objectGUID"), UserObjectClasses: pulumi.StringArray{ pulumi.String("person"), pulumi.String("organizationalPerson"), pulumi.String("user"), }, ConnectionUrl: pulumi.String("ldap://my-ad-server"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), }) if err != nil { return err } _, err = ldap.NewMsadUserAccountControlMapper(ctx, "msadUserAccountControlMapper", &ldap.MsadUserAccountControlMapperArgs{ RealmId: realm.ID(), LdapUserFederationId: ldapUserFederation.ID(), }) if err != nil { return err } return nil }) }
```
## Import
LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
```sh
$ pulumi import keycloak:ldap/msadUserAccountControlMapper:MsadUserAccountControlMapper msad_user_account_control_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
```
func GetMsadUserAccountControlMapper ¶
func GetMsadUserAccountControlMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MsadUserAccountControlMapperState, opts ...pulumi.ResourceOption) (*MsadUserAccountControlMapper, error)
GetMsadUserAccountControlMapper gets an existing MsadUserAccountControlMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMsadUserAccountControlMapper ¶
func NewMsadUserAccountControlMapper(ctx *pulumi.Context, name string, args *MsadUserAccountControlMapperArgs, opts ...pulumi.ResourceOption) (*MsadUserAccountControlMapper, error)
NewMsadUserAccountControlMapper registers a new resource with the given unique name, arguments, and options.
func (*MsadUserAccountControlMapper) ElementType ¶ added in v3.1.1
func (*MsadUserAccountControlMapper) ElementType() reflect.Type
func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutput ¶ added in v3.1.1
func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput
func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutputWithContext ¶ added in v3.1.1
func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput
func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutput ¶ added in v3.4.1
func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput
func (*MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *MsadUserAccountControlMapper) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput
type MsadUserAccountControlMapperArgs ¶
type MsadUserAccountControlMapperArgs struct { // When `true`, advanced password policies, such as password hints and previous password history will be used when writing new passwords to AD. Defaults to `false`. LdapPasswordPolicyHintsEnabled pulumi.BoolPtrInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringInput }
The set of arguments for constructing a MsadUserAccountControlMapper resource.
func (MsadUserAccountControlMapperArgs) ElementType ¶
func (MsadUserAccountControlMapperArgs) ElementType() reflect.Type
type MsadUserAccountControlMapperArray ¶ added in v3.4.1
type MsadUserAccountControlMapperArray []MsadUserAccountControlMapperInput
func (MsadUserAccountControlMapperArray) ElementType ¶ added in v3.4.1
func (MsadUserAccountControlMapperArray) ElementType() reflect.Type
func (MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutput ¶ added in v3.4.1
func (i MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput
func (MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutputWithContext ¶ added in v3.4.1
func (i MsadUserAccountControlMapperArray) ToMsadUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadUserAccountControlMapperArrayOutput
type MsadUserAccountControlMapperArrayInput ¶ added in v3.4.1
type MsadUserAccountControlMapperArrayInput interface { pulumi.Input ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput ToMsadUserAccountControlMapperArrayOutputWithContext(context.Context) MsadUserAccountControlMapperArrayOutput }
MsadUserAccountControlMapperArrayInput is an input type that accepts MsadUserAccountControlMapperArray and MsadUserAccountControlMapperArrayOutput values. You can construct a concrete instance of `MsadUserAccountControlMapperArrayInput` via:
MsadUserAccountControlMapperArray{ MsadUserAccountControlMapperArgs{...} }
type MsadUserAccountControlMapperArrayOutput ¶ added in v3.4.1
type MsadUserAccountControlMapperArrayOutput struct{ *pulumi.OutputState }
func (MsadUserAccountControlMapperArrayOutput) ElementType ¶ added in v3.4.1
func (MsadUserAccountControlMapperArrayOutput) ElementType() reflect.Type
func (MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutput ¶ added in v3.4.1
func (o MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutput() MsadUserAccountControlMapperArrayOutput
func (MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutputWithContext ¶ added in v3.4.1
func (o MsadUserAccountControlMapperArrayOutput) ToMsadUserAccountControlMapperArrayOutputWithContext(ctx context.Context) MsadUserAccountControlMapperArrayOutput
type MsadUserAccountControlMapperInput ¶ added in v3.1.1
type MsadUserAccountControlMapperInput interface { pulumi.Input ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput }
type MsadUserAccountControlMapperMap ¶ added in v3.4.1
type MsadUserAccountControlMapperMap map[string]MsadUserAccountControlMapperInput
func (MsadUserAccountControlMapperMap) ElementType ¶ added in v3.4.1
func (MsadUserAccountControlMapperMap) ElementType() reflect.Type
func (MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutput ¶ added in v3.4.1
func (i MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput
func (MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutputWithContext ¶ added in v3.4.1
func (i MsadUserAccountControlMapperMap) ToMsadUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadUserAccountControlMapperMapOutput
type MsadUserAccountControlMapperMapInput ¶ added in v3.4.1
type MsadUserAccountControlMapperMapInput interface { pulumi.Input ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput ToMsadUserAccountControlMapperMapOutputWithContext(context.Context) MsadUserAccountControlMapperMapOutput }
MsadUserAccountControlMapperMapInput is an input type that accepts MsadUserAccountControlMapperMap and MsadUserAccountControlMapperMapOutput values. You can construct a concrete instance of `MsadUserAccountControlMapperMapInput` via:
MsadUserAccountControlMapperMap{ "key": MsadUserAccountControlMapperArgs{...} }
type MsadUserAccountControlMapperMapOutput ¶ added in v3.4.1
type MsadUserAccountControlMapperMapOutput struct{ *pulumi.OutputState }
func (MsadUserAccountControlMapperMapOutput) ElementType ¶ added in v3.4.1
func (MsadUserAccountControlMapperMapOutput) ElementType() reflect.Type
func (MsadUserAccountControlMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o MsadUserAccountControlMapperMapOutput) MapIndex(k pulumi.StringInput) MsadUserAccountControlMapperOutput
func (MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutput ¶ added in v3.4.1
func (o MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutput() MsadUserAccountControlMapperMapOutput
func (MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutputWithContext ¶ added in v3.4.1
func (o MsadUserAccountControlMapperMapOutput) ToMsadUserAccountControlMapperMapOutputWithContext(ctx context.Context) MsadUserAccountControlMapperMapOutput
type MsadUserAccountControlMapperOutput ¶ added in v3.1.1
type MsadUserAccountControlMapperOutput struct {
*pulumi.OutputState
}
func (MsadUserAccountControlMapperOutput) ElementType ¶ added in v3.1.1
func (MsadUserAccountControlMapperOutput) ElementType() reflect.Type
func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutput ¶ added in v3.1.1
func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutput() MsadUserAccountControlMapperOutput
func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutputWithContext ¶ added in v3.1.1
func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperOutputWithContext(ctx context.Context) MsadUserAccountControlMapperOutput
func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutput ¶ added in v3.4.1
func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput
func (MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutputWithContext ¶ added in v3.4.1
func (o MsadUserAccountControlMapperOutput) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput
type MsadUserAccountControlMapperPtrInput ¶ added in v3.4.1
type MsadUserAccountControlMapperPtrInput interface { pulumi.Input ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput }
type MsadUserAccountControlMapperPtrOutput ¶ added in v3.4.1
type MsadUserAccountControlMapperPtrOutput struct {
*pulumi.OutputState
}
func (MsadUserAccountControlMapperPtrOutput) ElementType ¶ added in v3.4.1
func (MsadUserAccountControlMapperPtrOutput) ElementType() reflect.Type
func (MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutput ¶ added in v3.4.1
func (o MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutput() MsadUserAccountControlMapperPtrOutput
func (MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutputWithContext ¶ added in v3.4.1
func (o MsadUserAccountControlMapperPtrOutput) ToMsadUserAccountControlMapperPtrOutputWithContext(ctx context.Context) MsadUserAccountControlMapperPtrOutput
type MsadUserAccountControlMapperState ¶
type MsadUserAccountControlMapperState struct { // When `true`, advanced password policies, such as password hints and previous password history will be used when writing new passwords to AD. Defaults to `false`. LdapPasswordPolicyHintsEnabled pulumi.BoolPtrInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringPtrInput }
func (MsadUserAccountControlMapperState) ElementType ¶
func (MsadUserAccountControlMapperState) ElementType() reflect.Type
type RoleMapper ¶
type RoleMapper struct { pulumi.CustomResourceState ClientId pulumi.StringPtrOutput `pulumi:"clientId"` LdapRolesDn pulumi.StringOutput `pulumi:"ldapRolesDn"` // The ldap user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` MemberofLdapAttribute pulumi.StringPtrOutput `pulumi:"memberofLdapAttribute"` MembershipAttributeType pulumi.StringPtrOutput `pulumi:"membershipAttributeType"` MembershipLdapAttribute pulumi.StringOutput `pulumi:"membershipLdapAttribute"` MembershipUserLdapAttribute pulumi.StringOutput `pulumi:"membershipUserLdapAttribute"` Mode pulumi.StringPtrOutput `pulumi:"mode"` // Display name of the mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // The realm in which the ldap user federation provider exists. RealmId pulumi.StringOutput `pulumi:"realmId"` RoleNameLdapAttribute pulumi.StringOutput `pulumi:"roleNameLdapAttribute"` RoleObjectClasses pulumi.StringArrayOutput `pulumi:"roleObjectClasses"` RolesLdapFilter pulumi.StringPtrOutput `pulumi:"rolesLdapFilter"` UseRealmRolesMapping pulumi.BoolPtrOutput `pulumi:"useRealmRolesMapping"` UserRolesRetrieveStrategy pulumi.StringPtrOutput `pulumi:"userRolesRetrieveStrategy"` }
func GetRoleMapper ¶
func GetRoleMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RoleMapperState, opts ...pulumi.ResourceOption) (*RoleMapper, error)
GetRoleMapper gets an existing RoleMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRoleMapper ¶
func NewRoleMapper(ctx *pulumi.Context, name string, args *RoleMapperArgs, opts ...pulumi.ResourceOption) (*RoleMapper, error)
NewRoleMapper registers a new resource with the given unique name, arguments, and options.
func (*RoleMapper) ElementType ¶ added in v3.1.1
func (*RoleMapper) ElementType() reflect.Type
func (*RoleMapper) ToRoleMapperOutput ¶ added in v3.1.1
func (i *RoleMapper) ToRoleMapperOutput() RoleMapperOutput
func (*RoleMapper) ToRoleMapperOutputWithContext ¶ added in v3.1.1
func (i *RoleMapper) ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput
func (*RoleMapper) ToRoleMapperPtrOutput ¶ added in v3.4.1
func (i *RoleMapper) ToRoleMapperPtrOutput() RoleMapperPtrOutput
func (*RoleMapper) ToRoleMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *RoleMapper) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput
type RoleMapperArgs ¶
type RoleMapperArgs struct { ClientId pulumi.StringPtrInput LdapRolesDn pulumi.StringInput // The ldap user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput MemberofLdapAttribute pulumi.StringPtrInput MembershipAttributeType pulumi.StringPtrInput MembershipLdapAttribute pulumi.StringInput MembershipUserLdapAttribute pulumi.StringInput Mode pulumi.StringPtrInput // Display name of the mapper when displayed in the console. Name pulumi.StringPtrInput // The realm in which the ldap user federation provider exists. RealmId pulumi.StringInput RoleNameLdapAttribute pulumi.StringInput RoleObjectClasses pulumi.StringArrayInput RolesLdapFilter pulumi.StringPtrInput UseRealmRolesMapping pulumi.BoolPtrInput UserRolesRetrieveStrategy pulumi.StringPtrInput }
The set of arguments for constructing a RoleMapper resource.
func (RoleMapperArgs) ElementType ¶
func (RoleMapperArgs) ElementType() reflect.Type
type RoleMapperArray ¶ added in v3.4.1
type RoleMapperArray []RoleMapperInput
func (RoleMapperArray) ElementType ¶ added in v3.4.1
func (RoleMapperArray) ElementType() reflect.Type
func (RoleMapperArray) ToRoleMapperArrayOutput ¶ added in v3.4.1
func (i RoleMapperArray) ToRoleMapperArrayOutput() RoleMapperArrayOutput
func (RoleMapperArray) ToRoleMapperArrayOutputWithContext ¶ added in v3.4.1
func (i RoleMapperArray) ToRoleMapperArrayOutputWithContext(ctx context.Context) RoleMapperArrayOutput
type RoleMapperArrayInput ¶ added in v3.4.1
type RoleMapperArrayInput interface { pulumi.Input ToRoleMapperArrayOutput() RoleMapperArrayOutput ToRoleMapperArrayOutputWithContext(context.Context) RoleMapperArrayOutput }
RoleMapperArrayInput is an input type that accepts RoleMapperArray and RoleMapperArrayOutput values. You can construct a concrete instance of `RoleMapperArrayInput` via:
RoleMapperArray{ RoleMapperArgs{...} }
type RoleMapperArrayOutput ¶ added in v3.4.1
type RoleMapperArrayOutput struct{ *pulumi.OutputState }
func (RoleMapperArrayOutput) ElementType ¶ added in v3.4.1
func (RoleMapperArrayOutput) ElementType() reflect.Type
func (RoleMapperArrayOutput) Index ¶ added in v3.4.1
func (o RoleMapperArrayOutput) Index(i pulumi.IntInput) RoleMapperOutput
func (RoleMapperArrayOutput) ToRoleMapperArrayOutput ¶ added in v3.4.1
func (o RoleMapperArrayOutput) ToRoleMapperArrayOutput() RoleMapperArrayOutput
func (RoleMapperArrayOutput) ToRoleMapperArrayOutputWithContext ¶ added in v3.4.1
func (o RoleMapperArrayOutput) ToRoleMapperArrayOutputWithContext(ctx context.Context) RoleMapperArrayOutput
type RoleMapperInput ¶ added in v3.1.1
type RoleMapperInput interface { pulumi.Input ToRoleMapperOutput() RoleMapperOutput ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput }
type RoleMapperMap ¶ added in v3.4.1
type RoleMapperMap map[string]RoleMapperInput
func (RoleMapperMap) ElementType ¶ added in v3.4.1
func (RoleMapperMap) ElementType() reflect.Type
func (RoleMapperMap) ToRoleMapperMapOutput ¶ added in v3.4.1
func (i RoleMapperMap) ToRoleMapperMapOutput() RoleMapperMapOutput
func (RoleMapperMap) ToRoleMapperMapOutputWithContext ¶ added in v3.4.1
func (i RoleMapperMap) ToRoleMapperMapOutputWithContext(ctx context.Context) RoleMapperMapOutput
type RoleMapperMapInput ¶ added in v3.4.1
type RoleMapperMapInput interface { pulumi.Input ToRoleMapperMapOutput() RoleMapperMapOutput ToRoleMapperMapOutputWithContext(context.Context) RoleMapperMapOutput }
RoleMapperMapInput is an input type that accepts RoleMapperMap and RoleMapperMapOutput values. You can construct a concrete instance of `RoleMapperMapInput` via:
RoleMapperMap{ "key": RoleMapperArgs{...} }
type RoleMapperMapOutput ¶ added in v3.4.1
type RoleMapperMapOutput struct{ *pulumi.OutputState }
func (RoleMapperMapOutput) ElementType ¶ added in v3.4.1
func (RoleMapperMapOutput) ElementType() reflect.Type
func (RoleMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o RoleMapperMapOutput) MapIndex(k pulumi.StringInput) RoleMapperOutput
func (RoleMapperMapOutput) ToRoleMapperMapOutput ¶ added in v3.4.1
func (o RoleMapperMapOutput) ToRoleMapperMapOutput() RoleMapperMapOutput
func (RoleMapperMapOutput) ToRoleMapperMapOutputWithContext ¶ added in v3.4.1
func (o RoleMapperMapOutput) ToRoleMapperMapOutputWithContext(ctx context.Context) RoleMapperMapOutput
type RoleMapperOutput ¶ added in v3.1.1
type RoleMapperOutput struct {
*pulumi.OutputState
}
func (RoleMapperOutput) ElementType ¶ added in v3.1.1
func (RoleMapperOutput) ElementType() reflect.Type
func (RoleMapperOutput) ToRoleMapperOutput ¶ added in v3.1.1
func (o RoleMapperOutput) ToRoleMapperOutput() RoleMapperOutput
func (RoleMapperOutput) ToRoleMapperOutputWithContext ¶ added in v3.1.1
func (o RoleMapperOutput) ToRoleMapperOutputWithContext(ctx context.Context) RoleMapperOutput
func (RoleMapperOutput) ToRoleMapperPtrOutput ¶ added in v3.4.1
func (o RoleMapperOutput) ToRoleMapperPtrOutput() RoleMapperPtrOutput
func (RoleMapperOutput) ToRoleMapperPtrOutputWithContext ¶ added in v3.4.1
func (o RoleMapperOutput) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput
type RoleMapperPtrInput ¶ added in v3.4.1
type RoleMapperPtrInput interface { pulumi.Input ToRoleMapperPtrOutput() RoleMapperPtrOutput ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput }
type RoleMapperPtrOutput ¶ added in v3.4.1
type RoleMapperPtrOutput struct {
*pulumi.OutputState
}
func (RoleMapperPtrOutput) ElementType ¶ added in v3.4.1
func (RoleMapperPtrOutput) ElementType() reflect.Type
func (RoleMapperPtrOutput) ToRoleMapperPtrOutput ¶ added in v3.4.1
func (o RoleMapperPtrOutput) ToRoleMapperPtrOutput() RoleMapperPtrOutput
func (RoleMapperPtrOutput) ToRoleMapperPtrOutputWithContext ¶ added in v3.4.1
func (o RoleMapperPtrOutput) ToRoleMapperPtrOutputWithContext(ctx context.Context) RoleMapperPtrOutput
type RoleMapperState ¶
type RoleMapperState struct { ClientId pulumi.StringPtrInput LdapRolesDn pulumi.StringPtrInput // The ldap user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput MemberofLdapAttribute pulumi.StringPtrInput MembershipAttributeType pulumi.StringPtrInput MembershipLdapAttribute pulumi.StringPtrInput MembershipUserLdapAttribute pulumi.StringPtrInput Mode pulumi.StringPtrInput // Display name of the mapper when displayed in the console. Name pulumi.StringPtrInput // The realm in which the ldap user federation provider exists. RealmId pulumi.StringPtrInput RoleNameLdapAttribute pulumi.StringPtrInput RoleObjectClasses pulumi.StringArrayInput RolesLdapFilter pulumi.StringPtrInput UseRealmRolesMapping pulumi.BoolPtrInput UserRolesRetrieveStrategy pulumi.StringPtrInput }
func (RoleMapperState) ElementType ¶
func (RoleMapperState) ElementType() reflect.Type
type UserAttributeMapper ¶
type UserAttributeMapper struct { pulumi.CustomResourceState // When `true`, the value fetched from LDAP will override the value stored in Keycloak. Defaults to `false`. AlwaysReadValueFromLdap pulumi.BoolPtrOutput `pulumi:"alwaysReadValueFromLdap"` // When `true`, this attribute must exist in LDAP. Defaults to `false`. IsMandatoryInLdap pulumi.BoolPtrOutput `pulumi:"isMandatoryInLdap"` // Name of the mapped attribute on the LDAP object. LdapAttribute pulumi.StringOutput `pulumi:"ldapAttribute"` // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringOutput `pulumi:"ldapUserFederationId"` // Display name of this mapper when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // When `true`, this attribute is not saved back to LDAP when the user attribute is updated in Keycloak. Defaults to `false`. ReadOnly pulumi.BoolPtrOutput `pulumi:"readOnly"` // The realm that this LDAP mapper will exist in. RealmId pulumi.StringOutput `pulumi:"realmId"` // Name of the user property or attribute you want to map the LDAP attribute into. UserModelAttribute pulumi.StringOutput `pulumi:"userModelAttribute"` }
Allows for creating and managing user attribute mappers for Keycloak users federated via LDAP.
The LDAP user attribute mapper can be used to map a single LDAP attribute to an attribute on the Keycloak user model.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } ldapUserFederation, err := ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("entryDN"), UserObjectClasses: pulumi.StringArray{ pulumi.String("simpleSecurityObject"), pulumi.String("organizationalRole"), }, ConnectionUrl: pulumi.String("ldap://openldap"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), }) if err != nil { return err } _, err = ldap.NewUserAttributeMapper(ctx, "ldapUserAttributeMapper", &ldap.UserAttributeMapperArgs{ RealmId: realm.ID(), LdapUserFederationId: ldapUserFederation.ID(), UserModelAttribute: pulumi.String("foo"), LdapAttribute: pulumi.String("bar"), }) if err != nil { return err } return nil }) }
```
## Import
LDAP mappers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}/{{ldap_mapper_id}}`. The ID of the LDAP user federation provider and the mapper can be found within the Keycloak GUI, and they are typically GUIDs. Examplebash
```sh
$ pulumi import keycloak:ldap/userAttributeMapper:UserAttributeMapper ldap_user_attribute_mapper my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860/3d923ece-1a91-4bf7-adaf-3b82f2a12b67
```
func GetUserAttributeMapper ¶
func GetUserAttributeMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserAttributeMapperState, opts ...pulumi.ResourceOption) (*UserAttributeMapper, error)
GetUserAttributeMapper gets an existing UserAttributeMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserAttributeMapper ¶
func NewUserAttributeMapper(ctx *pulumi.Context, name string, args *UserAttributeMapperArgs, opts ...pulumi.ResourceOption) (*UserAttributeMapper, error)
NewUserAttributeMapper registers a new resource with the given unique name, arguments, and options.
func (*UserAttributeMapper) ElementType ¶ added in v3.1.1
func (*UserAttributeMapper) ElementType() reflect.Type
func (*UserAttributeMapper) ToUserAttributeMapperOutput ¶ added in v3.1.1
func (i *UserAttributeMapper) ToUserAttributeMapperOutput() UserAttributeMapperOutput
func (*UserAttributeMapper) ToUserAttributeMapperOutputWithContext ¶ added in v3.1.1
func (i *UserAttributeMapper) ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput
func (*UserAttributeMapper) ToUserAttributeMapperPtrOutput ¶ added in v3.4.1
func (i *UserAttributeMapper) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput
func (*UserAttributeMapper) ToUserAttributeMapperPtrOutputWithContext ¶ added in v3.4.1
func (i *UserAttributeMapper) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput
type UserAttributeMapperArgs ¶
type UserAttributeMapperArgs struct { // When `true`, the value fetched from LDAP will override the value stored in Keycloak. Defaults to `false`. AlwaysReadValueFromLdap pulumi.BoolPtrInput // When `true`, this attribute must exist in LDAP. Defaults to `false`. IsMandatoryInLdap pulumi.BoolPtrInput // Name of the mapped attribute on the LDAP object. LdapAttribute pulumi.StringInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // When `true`, this attribute is not saved back to LDAP when the user attribute is updated in Keycloak. Defaults to `false`. ReadOnly pulumi.BoolPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringInput // Name of the user property or attribute you want to map the LDAP attribute into. UserModelAttribute pulumi.StringInput }
The set of arguments for constructing a UserAttributeMapper resource.
func (UserAttributeMapperArgs) ElementType ¶
func (UserAttributeMapperArgs) ElementType() reflect.Type
type UserAttributeMapperArray ¶ added in v3.4.1
type UserAttributeMapperArray []UserAttributeMapperInput
func (UserAttributeMapperArray) ElementType ¶ added in v3.4.1
func (UserAttributeMapperArray) ElementType() reflect.Type
func (UserAttributeMapperArray) ToUserAttributeMapperArrayOutput ¶ added in v3.4.1
func (i UserAttributeMapperArray) ToUserAttributeMapperArrayOutput() UserAttributeMapperArrayOutput
func (UserAttributeMapperArray) ToUserAttributeMapperArrayOutputWithContext ¶ added in v3.4.1
func (i UserAttributeMapperArray) ToUserAttributeMapperArrayOutputWithContext(ctx context.Context) UserAttributeMapperArrayOutput
type UserAttributeMapperArrayInput ¶ added in v3.4.1
type UserAttributeMapperArrayInput interface { pulumi.Input ToUserAttributeMapperArrayOutput() UserAttributeMapperArrayOutput ToUserAttributeMapperArrayOutputWithContext(context.Context) UserAttributeMapperArrayOutput }
UserAttributeMapperArrayInput is an input type that accepts UserAttributeMapperArray and UserAttributeMapperArrayOutput values. You can construct a concrete instance of `UserAttributeMapperArrayInput` via:
UserAttributeMapperArray{ UserAttributeMapperArgs{...} }
type UserAttributeMapperArrayOutput ¶ added in v3.4.1
type UserAttributeMapperArrayOutput struct{ *pulumi.OutputState }
func (UserAttributeMapperArrayOutput) ElementType ¶ added in v3.4.1
func (UserAttributeMapperArrayOutput) ElementType() reflect.Type
func (UserAttributeMapperArrayOutput) Index ¶ added in v3.4.1
func (o UserAttributeMapperArrayOutput) Index(i pulumi.IntInput) UserAttributeMapperOutput
func (UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutput ¶ added in v3.4.1
func (o UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutput() UserAttributeMapperArrayOutput
func (UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutputWithContext ¶ added in v3.4.1
func (o UserAttributeMapperArrayOutput) ToUserAttributeMapperArrayOutputWithContext(ctx context.Context) UserAttributeMapperArrayOutput
type UserAttributeMapperInput ¶ added in v3.1.1
type UserAttributeMapperInput interface { pulumi.Input ToUserAttributeMapperOutput() UserAttributeMapperOutput ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput }
type UserAttributeMapperMap ¶ added in v3.4.1
type UserAttributeMapperMap map[string]UserAttributeMapperInput
func (UserAttributeMapperMap) ElementType ¶ added in v3.4.1
func (UserAttributeMapperMap) ElementType() reflect.Type
func (UserAttributeMapperMap) ToUserAttributeMapperMapOutput ¶ added in v3.4.1
func (i UserAttributeMapperMap) ToUserAttributeMapperMapOutput() UserAttributeMapperMapOutput
func (UserAttributeMapperMap) ToUserAttributeMapperMapOutputWithContext ¶ added in v3.4.1
func (i UserAttributeMapperMap) ToUserAttributeMapperMapOutputWithContext(ctx context.Context) UserAttributeMapperMapOutput
type UserAttributeMapperMapInput ¶ added in v3.4.1
type UserAttributeMapperMapInput interface { pulumi.Input ToUserAttributeMapperMapOutput() UserAttributeMapperMapOutput ToUserAttributeMapperMapOutputWithContext(context.Context) UserAttributeMapperMapOutput }
UserAttributeMapperMapInput is an input type that accepts UserAttributeMapperMap and UserAttributeMapperMapOutput values. You can construct a concrete instance of `UserAttributeMapperMapInput` via:
UserAttributeMapperMap{ "key": UserAttributeMapperArgs{...} }
type UserAttributeMapperMapOutput ¶ added in v3.4.1
type UserAttributeMapperMapOutput struct{ *pulumi.OutputState }
func (UserAttributeMapperMapOutput) ElementType ¶ added in v3.4.1
func (UserAttributeMapperMapOutput) ElementType() reflect.Type
func (UserAttributeMapperMapOutput) MapIndex ¶ added in v3.4.1
func (o UserAttributeMapperMapOutput) MapIndex(k pulumi.StringInput) UserAttributeMapperOutput
func (UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutput ¶ added in v3.4.1
func (o UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutput() UserAttributeMapperMapOutput
func (UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutputWithContext ¶ added in v3.4.1
func (o UserAttributeMapperMapOutput) ToUserAttributeMapperMapOutputWithContext(ctx context.Context) UserAttributeMapperMapOutput
type UserAttributeMapperOutput ¶ added in v3.1.1
type UserAttributeMapperOutput struct {
*pulumi.OutputState
}
func (UserAttributeMapperOutput) ElementType ¶ added in v3.1.1
func (UserAttributeMapperOutput) ElementType() reflect.Type
func (UserAttributeMapperOutput) ToUserAttributeMapperOutput ¶ added in v3.1.1
func (o UserAttributeMapperOutput) ToUserAttributeMapperOutput() UserAttributeMapperOutput
func (UserAttributeMapperOutput) ToUserAttributeMapperOutputWithContext ¶ added in v3.1.1
func (o UserAttributeMapperOutput) ToUserAttributeMapperOutputWithContext(ctx context.Context) UserAttributeMapperOutput
func (UserAttributeMapperOutput) ToUserAttributeMapperPtrOutput ¶ added in v3.4.1
func (o UserAttributeMapperOutput) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput
func (UserAttributeMapperOutput) ToUserAttributeMapperPtrOutputWithContext ¶ added in v3.4.1
func (o UserAttributeMapperOutput) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput
type UserAttributeMapperPtrInput ¶ added in v3.4.1
type UserAttributeMapperPtrInput interface { pulumi.Input ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput }
type UserAttributeMapperPtrOutput ¶ added in v3.4.1
type UserAttributeMapperPtrOutput struct {
*pulumi.OutputState
}
func (UserAttributeMapperPtrOutput) ElementType ¶ added in v3.4.1
func (UserAttributeMapperPtrOutput) ElementType() reflect.Type
func (UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutput ¶ added in v3.4.1
func (o UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutput() UserAttributeMapperPtrOutput
func (UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutputWithContext ¶ added in v3.4.1
func (o UserAttributeMapperPtrOutput) ToUserAttributeMapperPtrOutputWithContext(ctx context.Context) UserAttributeMapperPtrOutput
type UserAttributeMapperState ¶
type UserAttributeMapperState struct { // When `true`, the value fetched from LDAP will override the value stored in Keycloak. Defaults to `false`. AlwaysReadValueFromLdap pulumi.BoolPtrInput // When `true`, this attribute must exist in LDAP. Defaults to `false`. IsMandatoryInLdap pulumi.BoolPtrInput // Name of the mapped attribute on the LDAP object. LdapAttribute pulumi.StringPtrInput // The ID of the LDAP user federation provider to attach this mapper to. LdapUserFederationId pulumi.StringPtrInput // Display name of this mapper when displayed in the console. Name pulumi.StringPtrInput // When `true`, this attribute is not saved back to LDAP when the user attribute is updated in Keycloak. Defaults to `false`. ReadOnly pulumi.BoolPtrInput // The realm that this LDAP mapper will exist in. RealmId pulumi.StringPtrInput // Name of the user property or attribute you want to map the LDAP attribute into. UserModelAttribute pulumi.StringPtrInput }
func (UserAttributeMapperState) ElementType ¶
func (UserAttributeMapperState) ElementType() reflect.Type
type UserFederation ¶
type UserFederation struct { pulumi.CustomResourceState // The number of users to sync within a single transaction. Defaults to `1000`. BatchSizeForSync pulumi.IntPtrOutput `pulumi:"batchSizeForSync"` // Password of LDAP admin. This attribute must be set if `bindDn` is set. BindCredential pulumi.StringPtrOutput `pulumi:"bindCredential"` // DN of LDAP admin, which will be used by Keycloak to access LDAP server. This attribute must be set if `bindCredential` is set. BindDn pulumi.StringPtrOutput `pulumi:"bindDn"` // A block containing the cache settings. Cache UserFederationCachePtrOutput `pulumi:"cache"` // **Deprecated** Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`. // // Deprecated: use cache.policy instead CachePolicy pulumi.StringPtrOutput `pulumi:"cachePolicy"` // How frequently Keycloak should sync changed LDAP users, in seconds. Omit this property to disable periodic changed users sync. ChangedSyncPeriod pulumi.IntPtrOutput `pulumi:"changedSyncPeriod"` // LDAP connection timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String). ConnectionTimeout pulumi.StringPtrOutput `pulumi:"connectionTimeout"` // Connection URL to the LDAP server. ConnectionUrl pulumi.StringOutput `pulumi:"connectionUrl"` // Additional LDAP filter for filtering searched users. Must begin with `(` and end with `)`. CustomUserSearchFilter pulumi.StringPtrOutput `pulumi:"customUserSearchFilter"` // Can be one of `READ_ONLY`, `WRITABLE`, or `UNSYNCED`. `UNSYNCED` allows user data to be imported but not synced back to LDAP. Defaults to `READ_ONLY`. EditMode pulumi.StringPtrOutput `pulumi:"editMode"` // When `false`, this provider will not be used when performing queries for users. Defaults to `true`. Enabled pulumi.BoolPtrOutput `pulumi:"enabled"` // How frequently Keycloak should sync all LDAP users, in seconds. Omit this property to disable periodic full sync. FullSyncPeriod pulumi.IntPtrOutput `pulumi:"fullSyncPeriod"` // When `true`, LDAP users will be imported into the Keycloak database. Defaults to `true`. ImportEnabled pulumi.BoolPtrOutput `pulumi:"importEnabled"` // A block containing the kerberos settings. Kerberos UserFederationKerberosPtrOutput `pulumi:"kerberos"` // Display name of the provider when displayed in the console. Name pulumi.StringOutput `pulumi:"name"` // When true, Keycloak assumes the LDAP server supports pagination. Defaults to `true`. Pagination pulumi.BoolPtrOutput `pulumi:"pagination"` // Priority of this provider when looking up users. Lower values are first. Defaults to `0`. Priority pulumi.IntPtrOutput `pulumi:"priority"` // Name of the LDAP attribute to use as the relative distinguished name. RdnLdapAttribute pulumi.StringOutput `pulumi:"rdnLdapAttribute"` // LDAP read timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String). ReadTimeout pulumi.StringPtrOutput `pulumi:"readTimeout"` // The realm that this provider will provide user federation for. RealmId pulumi.StringOutput `pulumi:"realmId"` // Can be one of `ONE_LEVEL` or `SUBTREE`: // - `ONE_LEVEL`: Only search for users in the DN specified by `userDn`. // - `SUBTREE`: Search entire LDAP subtree. SearchScope pulumi.StringPtrOutput `pulumi:"searchScope"` // When `true`, newly created users will be synced back to LDAP. Defaults to `false`. SyncRegistrations pulumi.BoolPtrOutput `pulumi:"syncRegistrations"` // Can be one of `ALWAYS`, `ONLY_FOR_LDAPS`, or `NEVER`: UseTruststoreSpi pulumi.StringPtrOutput `pulumi:"useTruststoreSpi"` // Array of all values of LDAP objectClass attribute for users in LDAP. Must contain at least one. UserObjectClasses pulumi.StringArrayOutput `pulumi:"userObjectClasses"` // Name of the LDAP attribute to use as the Keycloak username. UsernameLdapAttribute pulumi.StringOutput `pulumi:"usernameLdapAttribute"` // Full DN of LDAP tree where your users are. UsersDn pulumi.StringOutput `pulumi:"usersDn"` // Name of the LDAP attribute to use as a unique object identifier for objects in LDAP. UuidLdapAttribute pulumi.StringOutput `pulumi:"uuidLdapAttribute"` // When `true`, Keycloak will validate passwords using the realm policy before updating it. ValidatePasswordPolicy pulumi.BoolPtrOutput `pulumi:"validatePasswordPolicy"` // Can be one of `OTHER`, `EDIRECTORY`, `AD`, `RHDS`, or `TIVOLI`. When this is selected in the GUI, it provides reasonable defaults for other fields. When used with the Keycloak API, this attribute does nothing, but is still required. Defaults to `OTHER`. Vendor pulumi.StringPtrOutput `pulumi:"vendor"` }
Allows for creating and managing LDAP user federation providers within Keycloak.
Keycloak can use an LDAP user federation provider to federate users to Keycloak from a directory system such as LDAP or Active Directory. Federated users will exist within the realm and will be able to log in to clients. Federated users can have their attributes defined using mappers.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v3/go/keycloak/ldap" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } _, err = ldap.NewUserFederation(ctx, "ldapUserFederation", &ldap.UserFederationArgs{ RealmId: realm.ID(), Enabled: pulumi.Bool(true), UsernameLdapAttribute: pulumi.String("cn"), RdnLdapAttribute: pulumi.String("cn"), UuidLdapAttribute: pulumi.String("entryDN"), UserObjectClasses: pulumi.StringArray{ pulumi.String("simpleSecurityObject"), pulumi.String("organizationalRole"), }, ConnectionUrl: pulumi.String("ldap://openldap"), UsersDn: pulumi.String("dc=example,dc=org"), BindDn: pulumi.String("cn=admin,dc=example,dc=org"), BindCredential: pulumi.String("admin"), ConnectionTimeout: pulumi.String("5s"), ReadTimeout: pulumi.String("10s"), Kerberos: &ldap.UserFederationKerberosArgs{ KerberosRealm: pulumi.String("FOO.LOCAL"), ServerPrincipal: pulumi.String("HTTP/host.foo.com@FOO.LOCAL"), Keytab: pulumi.String("/etc/host.keytab"), }, }) if err != nil { return err } return nil }) }
```
## Import
LDAP user federation providers can be imported using the format `{{realm_id}}/{{ldap_user_federation_id}}`. The ID of the LDAP user federation provider can be found within the Keycloak GUI and is typically a GUIDbash
```sh
$ pulumi import keycloak:ldap/userFederation:UserFederation ldap_user_federation my-realm/af2a6ca3-e4d7-49c3-b08b-1b3c70b4b860
```
func GetUserFederation ¶
func GetUserFederation(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserFederationState, opts ...pulumi.ResourceOption) (*UserFederation, error)
GetUserFederation gets an existing UserFederation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserFederation ¶
func NewUserFederation(ctx *pulumi.Context, name string, args *UserFederationArgs, opts ...pulumi.ResourceOption) (*UserFederation, error)
NewUserFederation registers a new resource with the given unique name, arguments, and options.
func (*UserFederation) ElementType ¶ added in v3.1.1
func (*UserFederation) ElementType() reflect.Type
func (*UserFederation) ToUserFederationOutput ¶ added in v3.1.1
func (i *UserFederation) ToUserFederationOutput() UserFederationOutput
func (*UserFederation) ToUserFederationOutputWithContext ¶ added in v3.1.1
func (i *UserFederation) ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput
func (*UserFederation) ToUserFederationPtrOutput ¶ added in v3.4.1
func (i *UserFederation) ToUserFederationPtrOutput() UserFederationPtrOutput
func (*UserFederation) ToUserFederationPtrOutputWithContext ¶ added in v3.4.1
func (i *UserFederation) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput
type UserFederationArgs ¶
type UserFederationArgs struct { // The number of users to sync within a single transaction. Defaults to `1000`. BatchSizeForSync pulumi.IntPtrInput // Password of LDAP admin. This attribute must be set if `bindDn` is set. BindCredential pulumi.StringPtrInput // DN of LDAP admin, which will be used by Keycloak to access LDAP server. This attribute must be set if `bindCredential` is set. BindDn pulumi.StringPtrInput // A block containing the cache settings. Cache UserFederationCachePtrInput // **Deprecated** Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`. // // Deprecated: use cache.policy instead CachePolicy pulumi.StringPtrInput // How frequently Keycloak should sync changed LDAP users, in seconds. Omit this property to disable periodic changed users sync. ChangedSyncPeriod pulumi.IntPtrInput // LDAP connection timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String). ConnectionTimeout pulumi.StringPtrInput // Connection URL to the LDAP server. ConnectionUrl pulumi.StringInput // Additional LDAP filter for filtering searched users. Must begin with `(` and end with `)`. CustomUserSearchFilter pulumi.StringPtrInput // Can be one of `READ_ONLY`, `WRITABLE`, or `UNSYNCED`. `UNSYNCED` allows user data to be imported but not synced back to LDAP. Defaults to `READ_ONLY`. EditMode pulumi.StringPtrInput // When `false`, this provider will not be used when performing queries for users. Defaults to `true`. Enabled pulumi.BoolPtrInput // How frequently Keycloak should sync all LDAP users, in seconds. Omit this property to disable periodic full sync. FullSyncPeriod pulumi.IntPtrInput // When `true`, LDAP users will be imported into the Keycloak database. Defaults to `true`. ImportEnabled pulumi.BoolPtrInput // A block containing the kerberos settings. Kerberos UserFederationKerberosPtrInput // Display name of the provider when displayed in the console. Name pulumi.StringPtrInput // When true, Keycloak assumes the LDAP server supports pagination. Defaults to `true`. Pagination pulumi.BoolPtrInput // Priority of this provider when looking up users. Lower values are first. Defaults to `0`. Priority pulumi.IntPtrInput // Name of the LDAP attribute to use as the relative distinguished name. RdnLdapAttribute pulumi.StringInput // LDAP read timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String). ReadTimeout pulumi.StringPtrInput // The realm that this provider will provide user federation for. RealmId pulumi.StringInput // Can be one of `ONE_LEVEL` or `SUBTREE`: // - `ONE_LEVEL`: Only search for users in the DN specified by `userDn`. // - `SUBTREE`: Search entire LDAP subtree. SearchScope pulumi.StringPtrInput // When `true`, newly created users will be synced back to LDAP. Defaults to `false`. SyncRegistrations pulumi.BoolPtrInput // Can be one of `ALWAYS`, `ONLY_FOR_LDAPS`, or `NEVER`: UseTruststoreSpi pulumi.StringPtrInput // Array of all values of LDAP objectClass attribute for users in LDAP. Must contain at least one. UserObjectClasses pulumi.StringArrayInput // Name of the LDAP attribute to use as the Keycloak username. UsernameLdapAttribute pulumi.StringInput // Full DN of LDAP tree where your users are. UsersDn pulumi.StringInput // Name of the LDAP attribute to use as a unique object identifier for objects in LDAP. UuidLdapAttribute pulumi.StringInput // When `true`, Keycloak will validate passwords using the realm policy before updating it. ValidatePasswordPolicy pulumi.BoolPtrInput // Can be one of `OTHER`, `EDIRECTORY`, `AD`, `RHDS`, or `TIVOLI`. When this is selected in the GUI, it provides reasonable defaults for other fields. When used with the Keycloak API, this attribute does nothing, but is still required. Defaults to `OTHER`. Vendor pulumi.StringPtrInput }
The set of arguments for constructing a UserFederation resource.
func (UserFederationArgs) ElementType ¶
func (UserFederationArgs) ElementType() reflect.Type
type UserFederationArray ¶ added in v3.4.1
type UserFederationArray []UserFederationInput
func (UserFederationArray) ElementType ¶ added in v3.4.1
func (UserFederationArray) ElementType() reflect.Type
func (UserFederationArray) ToUserFederationArrayOutput ¶ added in v3.4.1
func (i UserFederationArray) ToUserFederationArrayOutput() UserFederationArrayOutput
func (UserFederationArray) ToUserFederationArrayOutputWithContext ¶ added in v3.4.1
func (i UserFederationArray) ToUserFederationArrayOutputWithContext(ctx context.Context) UserFederationArrayOutput
type UserFederationArrayInput ¶ added in v3.4.1
type UserFederationArrayInput interface { pulumi.Input ToUserFederationArrayOutput() UserFederationArrayOutput ToUserFederationArrayOutputWithContext(context.Context) UserFederationArrayOutput }
UserFederationArrayInput is an input type that accepts UserFederationArray and UserFederationArrayOutput values. You can construct a concrete instance of `UserFederationArrayInput` via:
UserFederationArray{ UserFederationArgs{...} }
type UserFederationArrayOutput ¶ added in v3.4.1
type UserFederationArrayOutput struct{ *pulumi.OutputState }
func (UserFederationArrayOutput) ElementType ¶ added in v3.4.1
func (UserFederationArrayOutput) ElementType() reflect.Type
func (UserFederationArrayOutput) Index ¶ added in v3.4.1
func (o UserFederationArrayOutput) Index(i pulumi.IntInput) UserFederationOutput
func (UserFederationArrayOutput) ToUserFederationArrayOutput ¶ added in v3.4.1
func (o UserFederationArrayOutput) ToUserFederationArrayOutput() UserFederationArrayOutput
func (UserFederationArrayOutput) ToUserFederationArrayOutputWithContext ¶ added in v3.4.1
func (o UserFederationArrayOutput) ToUserFederationArrayOutputWithContext(ctx context.Context) UserFederationArrayOutput
type UserFederationCache ¶
type UserFederationCache struct { // Minute of day the entry will become invalid on. EvictionDay *int `pulumi:"evictionDay"` // Hour of day the entry will become invalid on. EvictionHour *int `pulumi:"evictionHour"` EvictionMinute *int `pulumi:"evictionMinute"` // Max lifespan of cache entry (duration string). MaxLifespan *string `pulumi:"maxLifespan"` // Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`. Policy *string `pulumi:"policy"` }
type UserFederationCacheArgs ¶
type UserFederationCacheArgs struct { // Minute of day the entry will become invalid on. EvictionDay pulumi.IntPtrInput `pulumi:"evictionDay"` // Hour of day the entry will become invalid on. EvictionHour pulumi.IntPtrInput `pulumi:"evictionHour"` EvictionMinute pulumi.IntPtrInput `pulumi:"evictionMinute"` // Max lifespan of cache entry (duration string). MaxLifespan pulumi.StringPtrInput `pulumi:"maxLifespan"` // Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`. Policy pulumi.StringPtrInput `pulumi:"policy"` }
func (UserFederationCacheArgs) ElementType ¶
func (UserFederationCacheArgs) ElementType() reflect.Type
func (UserFederationCacheArgs) ToUserFederationCacheOutput ¶
func (i UserFederationCacheArgs) ToUserFederationCacheOutput() UserFederationCacheOutput
func (UserFederationCacheArgs) ToUserFederationCacheOutputWithContext ¶
func (i UserFederationCacheArgs) ToUserFederationCacheOutputWithContext(ctx context.Context) UserFederationCacheOutput
func (UserFederationCacheArgs) ToUserFederationCachePtrOutput ¶
func (i UserFederationCacheArgs) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput
func (UserFederationCacheArgs) ToUserFederationCachePtrOutputWithContext ¶
func (i UserFederationCacheArgs) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput
type UserFederationCacheInput ¶
type UserFederationCacheInput interface { pulumi.Input ToUserFederationCacheOutput() UserFederationCacheOutput ToUserFederationCacheOutputWithContext(context.Context) UserFederationCacheOutput }
UserFederationCacheInput is an input type that accepts UserFederationCacheArgs and UserFederationCacheOutput values. You can construct a concrete instance of `UserFederationCacheInput` via:
UserFederationCacheArgs{...}
type UserFederationCacheOutput ¶
type UserFederationCacheOutput struct{ *pulumi.OutputState }
func (UserFederationCacheOutput) ElementType ¶
func (UserFederationCacheOutput) ElementType() reflect.Type
func (UserFederationCacheOutput) EvictionDay ¶
func (o UserFederationCacheOutput) EvictionDay() pulumi.IntPtrOutput
Minute of day the entry will become invalid on.
func (UserFederationCacheOutput) EvictionHour ¶
func (o UserFederationCacheOutput) EvictionHour() pulumi.IntPtrOutput
Hour of day the entry will become invalid on.
func (UserFederationCacheOutput) EvictionMinute ¶
func (o UserFederationCacheOutput) EvictionMinute() pulumi.IntPtrOutput
func (UserFederationCacheOutput) MaxLifespan ¶
func (o UserFederationCacheOutput) MaxLifespan() pulumi.StringPtrOutput
Max lifespan of cache entry (duration string).
func (UserFederationCacheOutput) Policy ¶
func (o UserFederationCacheOutput) Policy() pulumi.StringPtrOutput
Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.
func (UserFederationCacheOutput) ToUserFederationCacheOutput ¶
func (o UserFederationCacheOutput) ToUserFederationCacheOutput() UserFederationCacheOutput
func (UserFederationCacheOutput) ToUserFederationCacheOutputWithContext ¶
func (o UserFederationCacheOutput) ToUserFederationCacheOutputWithContext(ctx context.Context) UserFederationCacheOutput
func (UserFederationCacheOutput) ToUserFederationCachePtrOutput ¶
func (o UserFederationCacheOutput) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput
func (UserFederationCacheOutput) ToUserFederationCachePtrOutputWithContext ¶
func (o UserFederationCacheOutput) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput
type UserFederationCachePtrInput ¶
type UserFederationCachePtrInput interface { pulumi.Input ToUserFederationCachePtrOutput() UserFederationCachePtrOutput ToUserFederationCachePtrOutputWithContext(context.Context) UserFederationCachePtrOutput }
UserFederationCachePtrInput is an input type that accepts UserFederationCacheArgs, UserFederationCachePtr and UserFederationCachePtrOutput values. You can construct a concrete instance of `UserFederationCachePtrInput` via:
UserFederationCacheArgs{...} or: nil
func UserFederationCachePtr ¶
func UserFederationCachePtr(v *UserFederationCacheArgs) UserFederationCachePtrInput
type UserFederationCachePtrOutput ¶
type UserFederationCachePtrOutput struct{ *pulumi.OutputState }
func (UserFederationCachePtrOutput) Elem ¶
func (o UserFederationCachePtrOutput) Elem() UserFederationCacheOutput
func (UserFederationCachePtrOutput) ElementType ¶
func (UserFederationCachePtrOutput) ElementType() reflect.Type
func (UserFederationCachePtrOutput) EvictionDay ¶
func (o UserFederationCachePtrOutput) EvictionDay() pulumi.IntPtrOutput
Minute of day the entry will become invalid on.
func (UserFederationCachePtrOutput) EvictionHour ¶
func (o UserFederationCachePtrOutput) EvictionHour() pulumi.IntPtrOutput
Hour of day the entry will become invalid on.
func (UserFederationCachePtrOutput) EvictionMinute ¶
func (o UserFederationCachePtrOutput) EvictionMinute() pulumi.IntPtrOutput
func (UserFederationCachePtrOutput) MaxLifespan ¶
func (o UserFederationCachePtrOutput) MaxLifespan() pulumi.StringPtrOutput
Max lifespan of cache entry (duration string).
func (UserFederationCachePtrOutput) Policy ¶
func (o UserFederationCachePtrOutput) Policy() pulumi.StringPtrOutput
Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`.
func (UserFederationCachePtrOutput) ToUserFederationCachePtrOutput ¶
func (o UserFederationCachePtrOutput) ToUserFederationCachePtrOutput() UserFederationCachePtrOutput
func (UserFederationCachePtrOutput) ToUserFederationCachePtrOutputWithContext ¶
func (o UserFederationCachePtrOutput) ToUserFederationCachePtrOutputWithContext(ctx context.Context) UserFederationCachePtrOutput
type UserFederationInput ¶ added in v3.1.1
type UserFederationInput interface { pulumi.Input ToUserFederationOutput() UserFederationOutput ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput }
type UserFederationKerberos ¶
type UserFederationKerberos struct { // The name of the kerberos realm, e.g. FOO.LOCAL. KerberosRealm string `pulumi:"kerberosRealm"` // Path to the kerberos keytab file on the server with credentials of the service principal. KeyTab string `pulumi:"keyTab"` // The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'. ServerPrincipal string `pulumi:"serverPrincipal"` // Use kerberos login module instead of ldap service api. Defaults to `false`. UseKerberosForPasswordAuthentication *bool `pulumi:"useKerberosForPasswordAuthentication"` }
type UserFederationKerberosArgs ¶
type UserFederationKerberosArgs struct { // The name of the kerberos realm, e.g. FOO.LOCAL. KerberosRealm pulumi.StringInput `pulumi:"kerberosRealm"` // Path to the kerberos keytab file on the server with credentials of the service principal. KeyTab pulumi.StringInput `pulumi:"keyTab"` // The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'. ServerPrincipal pulumi.StringInput `pulumi:"serverPrincipal"` // Use kerberos login module instead of ldap service api. Defaults to `false`. UseKerberosForPasswordAuthentication pulumi.BoolPtrInput `pulumi:"useKerberosForPasswordAuthentication"` }
func (UserFederationKerberosArgs) ElementType ¶
func (UserFederationKerberosArgs) ElementType() reflect.Type
func (UserFederationKerberosArgs) ToUserFederationKerberosOutput ¶
func (i UserFederationKerberosArgs) ToUserFederationKerberosOutput() UserFederationKerberosOutput
func (UserFederationKerberosArgs) ToUserFederationKerberosOutputWithContext ¶
func (i UserFederationKerberosArgs) ToUserFederationKerberosOutputWithContext(ctx context.Context) UserFederationKerberosOutput
func (UserFederationKerberosArgs) ToUserFederationKerberosPtrOutput ¶
func (i UserFederationKerberosArgs) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput
func (UserFederationKerberosArgs) ToUserFederationKerberosPtrOutputWithContext ¶
func (i UserFederationKerberosArgs) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput
type UserFederationKerberosInput ¶
type UserFederationKerberosInput interface { pulumi.Input ToUserFederationKerberosOutput() UserFederationKerberosOutput ToUserFederationKerberosOutputWithContext(context.Context) UserFederationKerberosOutput }
UserFederationKerberosInput is an input type that accepts UserFederationKerberosArgs and UserFederationKerberosOutput values. You can construct a concrete instance of `UserFederationKerberosInput` via:
UserFederationKerberosArgs{...}
type UserFederationKerberosOutput ¶
type UserFederationKerberosOutput struct{ *pulumi.OutputState }
func (UserFederationKerberosOutput) ElementType ¶
func (UserFederationKerberosOutput) ElementType() reflect.Type
func (UserFederationKerberosOutput) KerberosRealm ¶
func (o UserFederationKerberosOutput) KerberosRealm() pulumi.StringOutput
The name of the kerberos realm, e.g. FOO.LOCAL.
func (UserFederationKerberosOutput) KeyTab ¶
func (o UserFederationKerberosOutput) KeyTab() pulumi.StringOutput
Path to the kerberos keytab file on the server with credentials of the service principal.
func (UserFederationKerberosOutput) ServerPrincipal ¶
func (o UserFederationKerberosOutput) ServerPrincipal() pulumi.StringOutput
The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'.
func (UserFederationKerberosOutput) ToUserFederationKerberosOutput ¶
func (o UserFederationKerberosOutput) ToUserFederationKerberosOutput() UserFederationKerberosOutput
func (UserFederationKerberosOutput) ToUserFederationKerberosOutputWithContext ¶
func (o UserFederationKerberosOutput) ToUserFederationKerberosOutputWithContext(ctx context.Context) UserFederationKerberosOutput
func (UserFederationKerberosOutput) ToUserFederationKerberosPtrOutput ¶
func (o UserFederationKerberosOutput) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput
func (UserFederationKerberosOutput) ToUserFederationKerberosPtrOutputWithContext ¶
func (o UserFederationKerberosOutput) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput
func (UserFederationKerberosOutput) UseKerberosForPasswordAuthentication ¶
func (o UserFederationKerberosOutput) UseKerberosForPasswordAuthentication() pulumi.BoolPtrOutput
Use kerberos login module instead of ldap service api. Defaults to `false`.
type UserFederationKerberosPtrInput ¶
type UserFederationKerberosPtrInput interface { pulumi.Input ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput ToUserFederationKerberosPtrOutputWithContext(context.Context) UserFederationKerberosPtrOutput }
UserFederationKerberosPtrInput is an input type that accepts UserFederationKerberosArgs, UserFederationKerberosPtr and UserFederationKerberosPtrOutput values. You can construct a concrete instance of `UserFederationKerberosPtrInput` via:
UserFederationKerberosArgs{...} or: nil
func UserFederationKerberosPtr ¶
func UserFederationKerberosPtr(v *UserFederationKerberosArgs) UserFederationKerberosPtrInput
type UserFederationKerberosPtrOutput ¶
type UserFederationKerberosPtrOutput struct{ *pulumi.OutputState }
func (UserFederationKerberosPtrOutput) Elem ¶
func (o UserFederationKerberosPtrOutput) Elem() UserFederationKerberosOutput
func (UserFederationKerberosPtrOutput) ElementType ¶
func (UserFederationKerberosPtrOutput) ElementType() reflect.Type
func (UserFederationKerberosPtrOutput) KerberosRealm ¶
func (o UserFederationKerberosPtrOutput) KerberosRealm() pulumi.StringPtrOutput
The name of the kerberos realm, e.g. FOO.LOCAL.
func (UserFederationKerberosPtrOutput) KeyTab ¶
func (o UserFederationKerberosPtrOutput) KeyTab() pulumi.StringPtrOutput
Path to the kerberos keytab file on the server with credentials of the service principal.
func (UserFederationKerberosPtrOutput) ServerPrincipal ¶
func (o UserFederationKerberosPtrOutput) ServerPrincipal() pulumi.StringPtrOutput
The kerberos server principal, e.g. 'HTTP/host.foo.com@FOO.LOCAL'.
func (UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutput ¶
func (o UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutput() UserFederationKerberosPtrOutput
func (UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutputWithContext ¶
func (o UserFederationKerberosPtrOutput) ToUserFederationKerberosPtrOutputWithContext(ctx context.Context) UserFederationKerberosPtrOutput
func (UserFederationKerberosPtrOutput) UseKerberosForPasswordAuthentication ¶
func (o UserFederationKerberosPtrOutput) UseKerberosForPasswordAuthentication() pulumi.BoolPtrOutput
Use kerberos login module instead of ldap service api. Defaults to `false`.
type UserFederationMap ¶ added in v3.4.1
type UserFederationMap map[string]UserFederationInput
func (UserFederationMap) ElementType ¶ added in v3.4.1
func (UserFederationMap) ElementType() reflect.Type
func (UserFederationMap) ToUserFederationMapOutput ¶ added in v3.4.1
func (i UserFederationMap) ToUserFederationMapOutput() UserFederationMapOutput
func (UserFederationMap) ToUserFederationMapOutputWithContext ¶ added in v3.4.1
func (i UserFederationMap) ToUserFederationMapOutputWithContext(ctx context.Context) UserFederationMapOutput
type UserFederationMapInput ¶ added in v3.4.1
type UserFederationMapInput interface { pulumi.Input ToUserFederationMapOutput() UserFederationMapOutput ToUserFederationMapOutputWithContext(context.Context) UserFederationMapOutput }
UserFederationMapInput is an input type that accepts UserFederationMap and UserFederationMapOutput values. You can construct a concrete instance of `UserFederationMapInput` via:
UserFederationMap{ "key": UserFederationArgs{...} }
type UserFederationMapOutput ¶ added in v3.4.1
type UserFederationMapOutput struct{ *pulumi.OutputState }
func (UserFederationMapOutput) ElementType ¶ added in v3.4.1
func (UserFederationMapOutput) ElementType() reflect.Type
func (UserFederationMapOutput) MapIndex ¶ added in v3.4.1
func (o UserFederationMapOutput) MapIndex(k pulumi.StringInput) UserFederationOutput
func (UserFederationMapOutput) ToUserFederationMapOutput ¶ added in v3.4.1
func (o UserFederationMapOutput) ToUserFederationMapOutput() UserFederationMapOutput
func (UserFederationMapOutput) ToUserFederationMapOutputWithContext ¶ added in v3.4.1
func (o UserFederationMapOutput) ToUserFederationMapOutputWithContext(ctx context.Context) UserFederationMapOutput
type UserFederationOutput ¶ added in v3.1.1
type UserFederationOutput struct {
*pulumi.OutputState
}
func (UserFederationOutput) ElementType ¶ added in v3.1.1
func (UserFederationOutput) ElementType() reflect.Type
func (UserFederationOutput) ToUserFederationOutput ¶ added in v3.1.1
func (o UserFederationOutput) ToUserFederationOutput() UserFederationOutput
func (UserFederationOutput) ToUserFederationOutputWithContext ¶ added in v3.1.1
func (o UserFederationOutput) ToUserFederationOutputWithContext(ctx context.Context) UserFederationOutput
func (UserFederationOutput) ToUserFederationPtrOutput ¶ added in v3.4.1
func (o UserFederationOutput) ToUserFederationPtrOutput() UserFederationPtrOutput
func (UserFederationOutput) ToUserFederationPtrOutputWithContext ¶ added in v3.4.1
func (o UserFederationOutput) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput
type UserFederationPtrInput ¶ added in v3.4.1
type UserFederationPtrInput interface { pulumi.Input ToUserFederationPtrOutput() UserFederationPtrOutput ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput }
type UserFederationPtrOutput ¶ added in v3.4.1
type UserFederationPtrOutput struct {
*pulumi.OutputState
}
func (UserFederationPtrOutput) ElementType ¶ added in v3.4.1
func (UserFederationPtrOutput) ElementType() reflect.Type
func (UserFederationPtrOutput) ToUserFederationPtrOutput ¶ added in v3.4.1
func (o UserFederationPtrOutput) ToUserFederationPtrOutput() UserFederationPtrOutput
func (UserFederationPtrOutput) ToUserFederationPtrOutputWithContext ¶ added in v3.4.1
func (o UserFederationPtrOutput) ToUserFederationPtrOutputWithContext(ctx context.Context) UserFederationPtrOutput
type UserFederationState ¶
type UserFederationState struct { // The number of users to sync within a single transaction. Defaults to `1000`. BatchSizeForSync pulumi.IntPtrInput // Password of LDAP admin. This attribute must be set if `bindDn` is set. BindCredential pulumi.StringPtrInput // DN of LDAP admin, which will be used by Keycloak to access LDAP server. This attribute must be set if `bindCredential` is set. BindDn pulumi.StringPtrInput // A block containing the cache settings. Cache UserFederationCachePtrInput // **Deprecated** Can be one of `DEFAULT`, `EVICT_DAILY`, `EVICT_WEEKLY`, `MAX_LIFESPAN`, or `NO_CACHE`. Defaults to `DEFAULT`. // // Deprecated: use cache.policy instead CachePolicy pulumi.StringPtrInput // How frequently Keycloak should sync changed LDAP users, in seconds. Omit this property to disable periodic changed users sync. ChangedSyncPeriod pulumi.IntPtrInput // LDAP connection timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String). ConnectionTimeout pulumi.StringPtrInput // Connection URL to the LDAP server. ConnectionUrl pulumi.StringPtrInput // Additional LDAP filter for filtering searched users. Must begin with `(` and end with `)`. CustomUserSearchFilter pulumi.StringPtrInput // Can be one of `READ_ONLY`, `WRITABLE`, or `UNSYNCED`. `UNSYNCED` allows user data to be imported but not synced back to LDAP. Defaults to `READ_ONLY`. EditMode pulumi.StringPtrInput // When `false`, this provider will not be used when performing queries for users. Defaults to `true`. Enabled pulumi.BoolPtrInput // How frequently Keycloak should sync all LDAP users, in seconds. Omit this property to disable periodic full sync. FullSyncPeriod pulumi.IntPtrInput // When `true`, LDAP users will be imported into the Keycloak database. Defaults to `true`. ImportEnabled pulumi.BoolPtrInput // A block containing the kerberos settings. Kerberos UserFederationKerberosPtrInput // Display name of the provider when displayed in the console. Name pulumi.StringPtrInput // When true, Keycloak assumes the LDAP server supports pagination. Defaults to `true`. Pagination pulumi.BoolPtrInput // Priority of this provider when looking up users. Lower values are first. Defaults to `0`. Priority pulumi.IntPtrInput // Name of the LDAP attribute to use as the relative distinguished name. RdnLdapAttribute pulumi.StringPtrInput // LDAP read timeout in the format of a [Go duration string](https://golang.org/pkg/time/#Duration.String). ReadTimeout pulumi.StringPtrInput // The realm that this provider will provide user federation for. RealmId pulumi.StringPtrInput // Can be one of `ONE_LEVEL` or `SUBTREE`: // - `ONE_LEVEL`: Only search for users in the DN specified by `userDn`. // - `SUBTREE`: Search entire LDAP subtree. SearchScope pulumi.StringPtrInput // When `true`, newly created users will be synced back to LDAP. Defaults to `false`. SyncRegistrations pulumi.BoolPtrInput // Can be one of `ALWAYS`, `ONLY_FOR_LDAPS`, or `NEVER`: UseTruststoreSpi pulumi.StringPtrInput // Array of all values of LDAP objectClass attribute for users in LDAP. Must contain at least one. UserObjectClasses pulumi.StringArrayInput // Name of the LDAP attribute to use as the Keycloak username. UsernameLdapAttribute pulumi.StringPtrInput // Full DN of LDAP tree where your users are. UsersDn pulumi.StringPtrInput // Name of the LDAP attribute to use as a unique object identifier for objects in LDAP. UuidLdapAttribute pulumi.StringPtrInput // When `true`, Keycloak will validate passwords using the realm policy before updating it. ValidatePasswordPolicy pulumi.BoolPtrInput // Can be one of `OTHER`, `EDIRECTORY`, `AD`, `RHDS`, or `TIVOLI`. When this is selected in the GUI, it provides reasonable defaults for other fields. When used with the Keycloak API, this attribute does nothing, but is still required. Defaults to `OTHER`. Vendor pulumi.StringPtrInput }
func (UserFederationState) ElementType ¶
func (UserFederationState) ElementType() reflect.Type