Documentation ¶
Index ¶
- type Entity
- type EntityAlias
- type EntityAliasArgs
- type EntityAliasArray
- type EntityAliasArrayInput
- type EntityAliasArrayOutput
- func (EntityAliasArrayOutput) ElementType() reflect.Type
- func (o EntityAliasArrayOutput) Index(i pulumi.IntInput) EntityAliasOutput
- func (o EntityAliasArrayOutput) ToEntityAliasArrayOutput() EntityAliasArrayOutput
- func (o EntityAliasArrayOutput) ToEntityAliasArrayOutputWithContext(ctx context.Context) EntityAliasArrayOutput
- type EntityAliasInput
- type EntityAliasMap
- type EntityAliasMapInput
- type EntityAliasMapOutput
- func (EntityAliasMapOutput) ElementType() reflect.Type
- func (o EntityAliasMapOutput) MapIndex(k pulumi.StringInput) EntityAliasOutput
- func (o EntityAliasMapOutput) ToEntityAliasMapOutput() EntityAliasMapOutput
- func (o EntityAliasMapOutput) ToEntityAliasMapOutputWithContext(ctx context.Context) EntityAliasMapOutput
- type EntityAliasOutput
- func (o EntityAliasOutput) CanonicalId() pulumi.StringOutput
- func (o EntityAliasOutput) CustomMetadata() pulumi.StringMapOutput
- func (EntityAliasOutput) ElementType() reflect.Type
- func (o EntityAliasOutput) MountAccessor() pulumi.StringOutput
- func (o EntityAliasOutput) Name() pulumi.StringOutput
- func (o EntityAliasOutput) Namespace() pulumi.StringPtrOutput
- func (o EntityAliasOutput) ToEntityAliasOutput() EntityAliasOutput
- func (o EntityAliasOutput) ToEntityAliasOutputWithContext(ctx context.Context) EntityAliasOutput
- type EntityAliasState
- type EntityArgs
- type EntityArray
- type EntityArrayInput
- type EntityArrayOutput
- type EntityInput
- type EntityMap
- type EntityMapInput
- type EntityMapOutput
- type EntityOutput
- func (o EntityOutput) Disabled() pulumi.BoolPtrOutput
- func (EntityOutput) ElementType() reflect.Type
- func (o EntityOutput) ExternalPolicies() pulumi.BoolPtrOutput
- func (o EntityOutput) Metadata() pulumi.StringMapOutput
- func (o EntityOutput) Name() pulumi.StringOutput
- func (o EntityOutput) Namespace() pulumi.StringPtrOutput
- func (o EntityOutput) Policies() pulumi.StringArrayOutput
- func (o EntityOutput) ToEntityOutput() EntityOutput
- func (o EntityOutput) ToEntityOutputWithContext(ctx context.Context) EntityOutput
- type EntityPolicies
- type EntityPoliciesArgs
- type EntityPoliciesArray
- type EntityPoliciesArrayInput
- type EntityPoliciesArrayOutput
- func (EntityPoliciesArrayOutput) ElementType() reflect.Type
- func (o EntityPoliciesArrayOutput) Index(i pulumi.IntInput) EntityPoliciesOutput
- func (o EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutput() EntityPoliciesArrayOutput
- func (o EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutputWithContext(ctx context.Context) EntityPoliciesArrayOutput
- type EntityPoliciesInput
- type EntityPoliciesMap
- type EntityPoliciesMapInput
- type EntityPoliciesMapOutput
- func (EntityPoliciesMapOutput) ElementType() reflect.Type
- func (o EntityPoliciesMapOutput) MapIndex(k pulumi.StringInput) EntityPoliciesOutput
- func (o EntityPoliciesMapOutput) ToEntityPoliciesMapOutput() EntityPoliciesMapOutput
- func (o EntityPoliciesMapOutput) ToEntityPoliciesMapOutputWithContext(ctx context.Context) EntityPoliciesMapOutput
- type EntityPoliciesOutput
- func (EntityPoliciesOutput) ElementType() reflect.Type
- func (o EntityPoliciesOutput) EntityId() pulumi.StringOutput
- func (o EntityPoliciesOutput) EntityName() pulumi.StringOutput
- func (o EntityPoliciesOutput) Exclusive() pulumi.BoolPtrOutput
- func (o EntityPoliciesOutput) Namespace() pulumi.StringPtrOutput
- func (o EntityPoliciesOutput) Policies() pulumi.StringArrayOutput
- func (o EntityPoliciesOutput) ToEntityPoliciesOutput() EntityPoliciesOutput
- func (o EntityPoliciesOutput) ToEntityPoliciesOutputWithContext(ctx context.Context) EntityPoliciesOutput
- type EntityPoliciesState
- type EntityState
- type GetEntityAliasType
- type GetEntityAliasTypeArgs
- type GetEntityAliasTypeArray
- type GetEntityAliasTypeArrayInput
- type GetEntityAliasTypeArrayOutput
- func (GetEntityAliasTypeArrayOutput) ElementType() reflect.Type
- func (o GetEntityAliasTypeArrayOutput) Index(i pulumi.IntInput) GetEntityAliasTypeOutput
- func (o GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutput() GetEntityAliasTypeArrayOutput
- func (o GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutputWithContext(ctx context.Context) GetEntityAliasTypeArrayOutput
- type GetEntityAliasTypeInput
- type GetEntityAliasTypeOutput
- func (o GetEntityAliasTypeOutput) CanonicalId() pulumi.StringOutput
- func (o GetEntityAliasTypeOutput) CreationTime() pulumi.StringOutput
- func (GetEntityAliasTypeOutput) ElementType() reflect.Type
- func (o GetEntityAliasTypeOutput) Id() pulumi.StringOutput
- func (o GetEntityAliasTypeOutput) LastUpdateTime() pulumi.StringOutput
- func (o GetEntityAliasTypeOutput) MergedFromCanonicalIds() pulumi.StringArrayOutput
- func (o GetEntityAliasTypeOutput) Metadata() pulumi.MapOutput
- func (o GetEntityAliasTypeOutput) MountAccessor() pulumi.StringOutput
- func (o GetEntityAliasTypeOutput) MountPath() pulumi.StringOutput
- func (o GetEntityAliasTypeOutput) MountType() pulumi.StringOutput
- func (o GetEntityAliasTypeOutput) Name() pulumi.StringOutput
- func (o GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutput() GetEntityAliasTypeOutput
- func (o GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutputWithContext(ctx context.Context) GetEntityAliasTypeOutput
- type GetOidcClientCredsArgs
- type GetOidcClientCredsOutputArgs
- type GetOidcClientCredsResult
- type GetOidcClientCredsResultOutput
- func (o GetOidcClientCredsResultOutput) ClientId() pulumi.StringOutput
- func (o GetOidcClientCredsResultOutput) ClientSecret() pulumi.StringOutput
- func (GetOidcClientCredsResultOutput) ElementType() reflect.Type
- func (o GetOidcClientCredsResultOutput) Id() pulumi.StringOutput
- func (o GetOidcClientCredsResultOutput) Name() pulumi.StringOutput
- func (o GetOidcClientCredsResultOutput) Namespace() pulumi.StringPtrOutput
- func (o GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutput() GetOidcClientCredsResultOutput
- func (o GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutputWithContext(ctx context.Context) GetOidcClientCredsResultOutput
- type GetOidcOpenidConfigArgs
- type GetOidcOpenidConfigOutputArgs
- type GetOidcOpenidConfigResult
- type GetOidcOpenidConfigResultOutput
- func (o GetOidcOpenidConfigResultOutput) AuthorizationEndpoint() pulumi.StringOutput
- func (GetOidcOpenidConfigResultOutput) ElementType() reflect.Type
- func (o GetOidcOpenidConfigResultOutput) GrantTypesSupporteds() pulumi.StringArrayOutput
- func (o GetOidcOpenidConfigResultOutput) Id() pulumi.StringOutput
- func (o GetOidcOpenidConfigResultOutput) IdTokenSigningAlgValuesSupporteds() pulumi.StringArrayOutput
- func (o GetOidcOpenidConfigResultOutput) Issuer() pulumi.StringOutput
- func (o GetOidcOpenidConfigResultOutput) JwksUri() pulumi.StringOutput
- func (o GetOidcOpenidConfigResultOutput) Name() pulumi.StringOutput
- func (o GetOidcOpenidConfigResultOutput) Namespace() pulumi.StringPtrOutput
- func (o GetOidcOpenidConfigResultOutput) RequestUriParameterSupported() pulumi.BoolOutput
- func (o GetOidcOpenidConfigResultOutput) ResponseTypesSupporteds() pulumi.StringArrayOutput
- func (o GetOidcOpenidConfigResultOutput) ScopesSupporteds() pulumi.StringArrayOutput
- func (o GetOidcOpenidConfigResultOutput) SubjectTypesSupporteds() pulumi.StringArrayOutput
- func (o GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutput() GetOidcOpenidConfigResultOutput
- func (o GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutputWithContext(ctx context.Context) GetOidcOpenidConfigResultOutput
- func (o GetOidcOpenidConfigResultOutput) TokenEndpoint() pulumi.StringOutput
- func (o GetOidcOpenidConfigResultOutput) TokenEndpointAuthMethodsSupporteds() pulumi.StringArrayOutput
- func (o GetOidcOpenidConfigResultOutput) UserinfoEndpoint() pulumi.StringOutput
- type GetOidcPublicKeysArgs
- type GetOidcPublicKeysOutputArgs
- type GetOidcPublicKeysResult
- type GetOidcPublicKeysResultOutput
- func (GetOidcPublicKeysResultOutput) ElementType() reflect.Type
- func (o GetOidcPublicKeysResultOutput) Id() pulumi.StringOutput
- func (o GetOidcPublicKeysResultOutput) Keys() pulumi.MapArrayOutput
- func (o GetOidcPublicKeysResultOutput) Name() pulumi.StringOutput
- func (o GetOidcPublicKeysResultOutput) Namespace() pulumi.StringPtrOutput
- func (o GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutput() GetOidcPublicKeysResultOutput
- func (o GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutputWithContext(ctx context.Context) GetOidcPublicKeysResultOutput
- type Group
- type GroupAlias
- type GroupAliasArgs
- type GroupAliasArray
- type GroupAliasArrayInput
- type GroupAliasArrayOutput
- func (GroupAliasArrayOutput) ElementType() reflect.Type
- func (o GroupAliasArrayOutput) Index(i pulumi.IntInput) GroupAliasOutput
- func (o GroupAliasArrayOutput) ToGroupAliasArrayOutput() GroupAliasArrayOutput
- func (o GroupAliasArrayOutput) ToGroupAliasArrayOutputWithContext(ctx context.Context) GroupAliasArrayOutput
- type GroupAliasInput
- type GroupAliasMap
- type GroupAliasMapInput
- type GroupAliasMapOutput
- func (GroupAliasMapOutput) ElementType() reflect.Type
- func (o GroupAliasMapOutput) MapIndex(k pulumi.StringInput) GroupAliasOutput
- func (o GroupAliasMapOutput) ToGroupAliasMapOutput() GroupAliasMapOutput
- func (o GroupAliasMapOutput) ToGroupAliasMapOutputWithContext(ctx context.Context) GroupAliasMapOutput
- type GroupAliasOutput
- func (o GroupAliasOutput) CanonicalId() pulumi.StringOutput
- func (GroupAliasOutput) ElementType() reflect.Type
- func (o GroupAliasOutput) MountAccessor() pulumi.StringOutput
- func (o GroupAliasOutput) Name() pulumi.StringOutput
- func (o GroupAliasOutput) Namespace() pulumi.StringPtrOutput
- func (o GroupAliasOutput) ToGroupAliasOutput() GroupAliasOutput
- func (o GroupAliasOutput) ToGroupAliasOutputWithContext(ctx context.Context) GroupAliasOutput
- type GroupAliasState
- type GroupArgs
- type GroupArray
- type GroupArrayInput
- type GroupArrayOutput
- type GroupInput
- type GroupMap
- type GroupMapInput
- type GroupMapOutput
- type GroupMemberEntityIds
- type GroupMemberEntityIdsArgs
- type GroupMemberEntityIdsArray
- type GroupMemberEntityIdsArrayInput
- type GroupMemberEntityIdsArrayOutput
- func (GroupMemberEntityIdsArrayOutput) ElementType() reflect.Type
- func (o GroupMemberEntityIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberEntityIdsOutput
- func (o GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutput() GroupMemberEntityIdsArrayOutput
- func (o GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutputWithContext(ctx context.Context) GroupMemberEntityIdsArrayOutput
- type GroupMemberEntityIdsInput
- type GroupMemberEntityIdsMap
- type GroupMemberEntityIdsMapInput
- type GroupMemberEntityIdsMapOutput
- func (GroupMemberEntityIdsMapOutput) ElementType() reflect.Type
- func (o GroupMemberEntityIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberEntityIdsOutput
- func (o GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutput() GroupMemberEntityIdsMapOutput
- func (o GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutputWithContext(ctx context.Context) GroupMemberEntityIdsMapOutput
- type GroupMemberEntityIdsOutput
- func (GroupMemberEntityIdsOutput) ElementType() reflect.Type
- func (o GroupMemberEntityIdsOutput) Exclusive() pulumi.BoolPtrOutput
- func (o GroupMemberEntityIdsOutput) GroupId() pulumi.StringOutput
- func (o GroupMemberEntityIdsOutput) MemberEntityIds() pulumi.StringArrayOutput
- func (o GroupMemberEntityIdsOutput) Namespace() pulumi.StringPtrOutput
- func (o GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutput() GroupMemberEntityIdsOutput
- func (o GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutputWithContext(ctx context.Context) GroupMemberEntityIdsOutput
- type GroupMemberEntityIdsState
- type GroupMemberGroupIds
- type GroupMemberGroupIdsArgs
- type GroupMemberGroupIdsArray
- type GroupMemberGroupIdsArrayInput
- type GroupMemberGroupIdsArrayOutput
- func (GroupMemberGroupIdsArrayOutput) ElementType() reflect.Type
- func (o GroupMemberGroupIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberGroupIdsOutput
- func (o GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutput() GroupMemberGroupIdsArrayOutput
- func (o GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutputWithContext(ctx context.Context) GroupMemberGroupIdsArrayOutput
- type GroupMemberGroupIdsInput
- type GroupMemberGroupIdsMap
- type GroupMemberGroupIdsMapInput
- type GroupMemberGroupIdsMapOutput
- func (GroupMemberGroupIdsMapOutput) ElementType() reflect.Type
- func (o GroupMemberGroupIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberGroupIdsOutput
- func (o GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutput() GroupMemberGroupIdsMapOutput
- func (o GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutputWithContext(ctx context.Context) GroupMemberGroupIdsMapOutput
- type GroupMemberGroupIdsOutput
- func (GroupMemberGroupIdsOutput) ElementType() reflect.Type
- func (o GroupMemberGroupIdsOutput) Exclusive() pulumi.BoolPtrOutput
- func (o GroupMemberGroupIdsOutput) GroupId() pulumi.StringOutput
- func (o GroupMemberGroupIdsOutput) MemberGroupIds() pulumi.StringArrayOutput
- func (o GroupMemberGroupIdsOutput) Namespace() pulumi.StringPtrOutput
- func (o GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutput() GroupMemberGroupIdsOutput
- func (o GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutputWithContext(ctx context.Context) GroupMemberGroupIdsOutput
- type GroupMemberGroupIdsState
- type GroupOutput
- func (GroupOutput) ElementType() reflect.Type
- func (o GroupOutput) ExternalMemberEntityIds() pulumi.BoolPtrOutput
- func (o GroupOutput) ExternalMemberGroupIds() pulumi.BoolPtrOutput
- func (o GroupOutput) ExternalPolicies() pulumi.BoolPtrOutput
- func (o GroupOutput) MemberEntityIds() pulumi.StringArrayOutput
- func (o GroupOutput) MemberGroupIds() pulumi.StringArrayOutput
- func (o GroupOutput) Metadata() pulumi.StringMapOutput
- func (o GroupOutput) Name() pulumi.StringOutput
- func (o GroupOutput) Namespace() pulumi.StringPtrOutput
- func (o GroupOutput) Policies() pulumi.StringArrayOutput
- func (o GroupOutput) ToGroupOutput() GroupOutput
- func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput
- func (o GroupOutput) Type() pulumi.StringPtrOutput
- type GroupPolicies
- type GroupPoliciesArgs
- type GroupPoliciesArray
- type GroupPoliciesArrayInput
- type GroupPoliciesArrayOutput
- func (GroupPoliciesArrayOutput) ElementType() reflect.Type
- func (o GroupPoliciesArrayOutput) Index(i pulumi.IntInput) GroupPoliciesOutput
- func (o GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutput() GroupPoliciesArrayOutput
- func (o GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutputWithContext(ctx context.Context) GroupPoliciesArrayOutput
- type GroupPoliciesInput
- type GroupPoliciesMap
- type GroupPoliciesMapInput
- type GroupPoliciesMapOutput
- func (GroupPoliciesMapOutput) ElementType() reflect.Type
- func (o GroupPoliciesMapOutput) MapIndex(k pulumi.StringInput) GroupPoliciesOutput
- func (o GroupPoliciesMapOutput) ToGroupPoliciesMapOutput() GroupPoliciesMapOutput
- func (o GroupPoliciesMapOutput) ToGroupPoliciesMapOutputWithContext(ctx context.Context) GroupPoliciesMapOutput
- type GroupPoliciesOutput
- func (GroupPoliciesOutput) ElementType() reflect.Type
- func (o GroupPoliciesOutput) Exclusive() pulumi.BoolPtrOutput
- func (o GroupPoliciesOutput) GroupId() pulumi.StringOutput
- func (o GroupPoliciesOutput) GroupName() pulumi.StringOutput
- func (o GroupPoliciesOutput) Namespace() pulumi.StringPtrOutput
- func (o GroupPoliciesOutput) Policies() pulumi.StringArrayOutput
- func (o GroupPoliciesOutput) ToGroupPoliciesOutput() GroupPoliciesOutput
- func (o GroupPoliciesOutput) ToGroupPoliciesOutputWithContext(ctx context.Context) GroupPoliciesOutput
- type GroupPoliciesState
- type GroupState
- type LookupEntityArgs
- type LookupEntityOutputArgs
- type LookupEntityResult
- type LookupEntityResultOutput
- func (o LookupEntityResultOutput) AliasId() pulumi.StringOutput
- func (o LookupEntityResultOutput) AliasMountAccessor() pulumi.StringOutput
- func (o LookupEntityResultOutput) AliasName() pulumi.StringOutput
- func (o LookupEntityResultOutput) Aliases() GetEntityAliasTypeArrayOutput
- func (o LookupEntityResultOutput) CreationTime() pulumi.StringOutput
- func (o LookupEntityResultOutput) DataJson() pulumi.StringOutput
- func (o LookupEntityResultOutput) DirectGroupIds() pulumi.StringArrayOutput
- func (o LookupEntityResultOutput) Disabled() pulumi.BoolOutput
- func (LookupEntityResultOutput) ElementType() reflect.Type
- func (o LookupEntityResultOutput) EntityId() pulumi.StringOutput
- func (o LookupEntityResultOutput) EntityName() pulumi.StringOutput
- func (o LookupEntityResultOutput) GroupIds() pulumi.StringArrayOutput
- func (o LookupEntityResultOutput) Id() pulumi.StringOutput
- func (o LookupEntityResultOutput) InheritedGroupIds() pulumi.StringArrayOutput
- func (o LookupEntityResultOutput) LastUpdateTime() pulumi.StringOutput
- func (o LookupEntityResultOutput) MergedEntityIds() pulumi.StringArrayOutput
- func (o LookupEntityResultOutput) Metadata() pulumi.MapOutput
- func (o LookupEntityResultOutput) Namespace() pulumi.StringPtrOutput
- func (o LookupEntityResultOutput) NamespaceId() pulumi.StringOutput
- func (o LookupEntityResultOutput) Policies() pulumi.StringArrayOutput
- func (o LookupEntityResultOutput) ToLookupEntityResultOutput() LookupEntityResultOutput
- func (o LookupEntityResultOutput) ToLookupEntityResultOutputWithContext(ctx context.Context) LookupEntityResultOutput
- type LookupGroupArgs
- type LookupGroupOutputArgs
- type LookupGroupResult
- type LookupGroupResultOutput
- func (o LookupGroupResultOutput) AliasCanonicalId() pulumi.StringOutput
- func (o LookupGroupResultOutput) AliasCreationTime() pulumi.StringOutput
- func (o LookupGroupResultOutput) AliasId() pulumi.StringOutput
- func (o LookupGroupResultOutput) AliasLastUpdateTime() pulumi.StringOutput
- func (o LookupGroupResultOutput) AliasMergedFromCanonicalIds() pulumi.StringArrayOutput
- func (o LookupGroupResultOutput) AliasMetadata() pulumi.MapOutput
- func (o LookupGroupResultOutput) AliasMountAccessor() pulumi.StringOutput
- func (o LookupGroupResultOutput) AliasMountPath() pulumi.StringOutput
- func (o LookupGroupResultOutput) AliasMountType() pulumi.StringOutput
- func (o LookupGroupResultOutput) AliasName() pulumi.StringOutput
- func (o LookupGroupResultOutput) CreationTime() pulumi.StringOutput
- func (o LookupGroupResultOutput) DataJson() pulumi.StringOutput
- func (LookupGroupResultOutput) ElementType() reflect.Type
- func (o LookupGroupResultOutput) GroupId() pulumi.StringOutput
- func (o LookupGroupResultOutput) GroupName() pulumi.StringOutput
- func (o LookupGroupResultOutput) Id() pulumi.StringOutput
- func (o LookupGroupResultOutput) LastUpdateTime() pulumi.StringOutput
- func (o LookupGroupResultOutput) MemberEntityIds() pulumi.StringArrayOutput
- func (o LookupGroupResultOutput) MemberGroupIds() pulumi.StringArrayOutput
- func (o LookupGroupResultOutput) Metadata() pulumi.MapOutput
- func (o LookupGroupResultOutput) ModifyIndex() pulumi.IntOutput
- func (o LookupGroupResultOutput) Namespace() pulumi.StringPtrOutput
- func (o LookupGroupResultOutput) NamespaceId() pulumi.StringOutput
- func (o LookupGroupResultOutput) ParentGroupIds() pulumi.StringArrayOutput
- func (o LookupGroupResultOutput) Policies() pulumi.StringArrayOutput
- func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput
- func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput
- func (o LookupGroupResultOutput) Type() pulumi.StringOutput
- type MfaDuo
- type MfaDuoArgs
- type MfaDuoArray
- type MfaDuoArrayInput
- type MfaDuoArrayOutput
- type MfaDuoInput
- type MfaDuoMap
- type MfaDuoMapInput
- type MfaDuoMapOutput
- type MfaDuoOutput
- func (o MfaDuoOutput) ApiHostname() pulumi.StringOutput
- func (MfaDuoOutput) ElementType() reflect.Type
- func (o MfaDuoOutput) IntegrationKey() pulumi.StringOutput
- func (o MfaDuoOutput) MethodId() pulumi.StringOutput
- func (o MfaDuoOutput) MountAccessor() pulumi.StringOutput
- func (o MfaDuoOutput) Name() pulumi.StringOutput
- func (o MfaDuoOutput) Namespace() pulumi.StringPtrOutput
- func (o MfaDuoOutput) NamespaceId() pulumi.StringOutput
- func (o MfaDuoOutput) NamespacePath() pulumi.StringOutput
- func (o MfaDuoOutput) PushInfo() pulumi.StringPtrOutput
- func (o MfaDuoOutput) SecretKey() pulumi.StringOutput
- func (o MfaDuoOutput) ToMfaDuoOutput() MfaDuoOutput
- func (o MfaDuoOutput) ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput
- func (o MfaDuoOutput) Type() pulumi.StringOutput
- func (o MfaDuoOutput) UsePasscode() pulumi.BoolPtrOutput
- func (o MfaDuoOutput) UsernameFormat() pulumi.StringPtrOutput
- func (o MfaDuoOutput) Uuid() pulumi.StringOutput
- type MfaDuoState
- type MfaLoginEnforcement
- type MfaLoginEnforcementArgs
- type MfaLoginEnforcementArray
- type MfaLoginEnforcementArrayInput
- type MfaLoginEnforcementArrayOutput
- func (MfaLoginEnforcementArrayOutput) ElementType() reflect.Type
- func (o MfaLoginEnforcementArrayOutput) Index(i pulumi.IntInput) MfaLoginEnforcementOutput
- func (o MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutput() MfaLoginEnforcementArrayOutput
- func (o MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutputWithContext(ctx context.Context) MfaLoginEnforcementArrayOutput
- type MfaLoginEnforcementInput
- type MfaLoginEnforcementMap
- type MfaLoginEnforcementMapInput
- type MfaLoginEnforcementMapOutput
- func (MfaLoginEnforcementMapOutput) ElementType() reflect.Type
- func (o MfaLoginEnforcementMapOutput) MapIndex(k pulumi.StringInput) MfaLoginEnforcementOutput
- func (o MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutput() MfaLoginEnforcementMapOutput
- func (o MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutputWithContext(ctx context.Context) MfaLoginEnforcementMapOutput
- type MfaLoginEnforcementOutput
- func (o MfaLoginEnforcementOutput) AuthMethodAccessors() pulumi.StringArrayOutput
- func (o MfaLoginEnforcementOutput) AuthMethodTypes() pulumi.StringArrayOutput
- func (MfaLoginEnforcementOutput) ElementType() reflect.Type
- func (o MfaLoginEnforcementOutput) IdentityEntityIds() pulumi.StringArrayOutput
- func (o MfaLoginEnforcementOutput) IdentityGroupIds() pulumi.StringArrayOutput
- func (o MfaLoginEnforcementOutput) MfaMethodIds() pulumi.StringArrayOutput
- func (o MfaLoginEnforcementOutput) Name() pulumi.StringOutput
- func (o MfaLoginEnforcementOutput) Namespace() pulumi.StringPtrOutput
- func (o MfaLoginEnforcementOutput) NamespaceId() pulumi.StringOutput
- func (o MfaLoginEnforcementOutput) NamespacePath() pulumi.StringOutput
- func (o MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutput() MfaLoginEnforcementOutput
- func (o MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutputWithContext(ctx context.Context) MfaLoginEnforcementOutput
- func (o MfaLoginEnforcementOutput) Uuid() pulumi.StringOutput
- type MfaLoginEnforcementState
- type MfaOkta
- type MfaOktaArgs
- type MfaOktaArray
- type MfaOktaArrayInput
- type MfaOktaArrayOutput
- type MfaOktaInput
- type MfaOktaMap
- type MfaOktaMapInput
- type MfaOktaMapOutput
- type MfaOktaOutput
- func (o MfaOktaOutput) ApiToken() pulumi.StringOutput
- func (o MfaOktaOutput) BaseUrl() pulumi.StringPtrOutput
- func (MfaOktaOutput) ElementType() reflect.Type
- func (o MfaOktaOutput) MethodId() pulumi.StringOutput
- func (o MfaOktaOutput) MountAccessor() pulumi.StringOutput
- func (o MfaOktaOutput) Name() pulumi.StringOutput
- func (o MfaOktaOutput) Namespace() pulumi.StringPtrOutput
- func (o MfaOktaOutput) NamespaceId() pulumi.StringOutput
- func (o MfaOktaOutput) NamespacePath() pulumi.StringOutput
- func (o MfaOktaOutput) OrgName() pulumi.StringOutput
- func (o MfaOktaOutput) PrimaryEmail() pulumi.BoolPtrOutput
- func (o MfaOktaOutput) ToMfaOktaOutput() MfaOktaOutput
- func (o MfaOktaOutput) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput
- func (o MfaOktaOutput) Type() pulumi.StringOutput
- func (o MfaOktaOutput) UsernameFormat() pulumi.StringPtrOutput
- func (o MfaOktaOutput) Uuid() pulumi.StringOutput
- type MfaOktaState
- type MfaPingid
- type MfaPingidArgs
- type MfaPingidArray
- type MfaPingidArrayInput
- type MfaPingidArrayOutput
- func (MfaPingidArrayOutput) ElementType() reflect.Type
- func (o MfaPingidArrayOutput) Index(i pulumi.IntInput) MfaPingidOutput
- func (o MfaPingidArrayOutput) ToMfaPingidArrayOutput() MfaPingidArrayOutput
- func (o MfaPingidArrayOutput) ToMfaPingidArrayOutputWithContext(ctx context.Context) MfaPingidArrayOutput
- type MfaPingidInput
- type MfaPingidMap
- type MfaPingidMapInput
- type MfaPingidMapOutput
- type MfaPingidOutput
- func (o MfaPingidOutput) AdminUrl() pulumi.StringOutput
- func (o MfaPingidOutput) AuthenticatorUrl() pulumi.StringOutput
- func (MfaPingidOutput) ElementType() reflect.Type
- func (o MfaPingidOutput) IdpUrl() pulumi.StringOutput
- func (o MfaPingidOutput) MethodId() pulumi.StringOutput
- func (o MfaPingidOutput) MountAccessor() pulumi.StringOutput
- func (o MfaPingidOutput) Name() pulumi.StringOutput
- func (o MfaPingidOutput) Namespace() pulumi.StringPtrOutput
- func (o MfaPingidOutput) NamespaceId() pulumi.StringOutput
- func (o MfaPingidOutput) NamespacePath() pulumi.StringOutput
- func (o MfaPingidOutput) OrgAlias() pulumi.StringOutput
- func (o MfaPingidOutput) SettingsFileBase64() pulumi.StringOutput
- func (o MfaPingidOutput) ToMfaPingidOutput() MfaPingidOutput
- func (o MfaPingidOutput) ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidOutput
- func (o MfaPingidOutput) Type() pulumi.StringOutput
- func (o MfaPingidOutput) UseSignature() pulumi.BoolOutput
- func (o MfaPingidOutput) UsernameFormat() pulumi.StringPtrOutput
- func (o MfaPingidOutput) Uuid() pulumi.StringOutput
- type MfaPingidState
- type MfaTotp
- type MfaTotpArgs
- type MfaTotpArray
- type MfaTotpArrayInput
- type MfaTotpArrayOutput
- type MfaTotpInput
- type MfaTotpMap
- type MfaTotpMapInput
- type MfaTotpMapOutput
- type MfaTotpOutput
- func (o MfaTotpOutput) Algorithm() pulumi.StringPtrOutput
- func (o MfaTotpOutput) Digits() pulumi.IntPtrOutput
- func (MfaTotpOutput) ElementType() reflect.Type
- func (o MfaTotpOutput) Issuer() pulumi.StringOutput
- func (o MfaTotpOutput) KeySize() pulumi.IntPtrOutput
- func (o MfaTotpOutput) MaxValidationAttempts() pulumi.IntPtrOutput
- func (o MfaTotpOutput) MethodId() pulumi.StringOutput
- func (o MfaTotpOutput) MountAccessor() pulumi.StringOutput
- func (o MfaTotpOutput) Name() pulumi.StringOutput
- func (o MfaTotpOutput) Namespace() pulumi.StringPtrOutput
- func (o MfaTotpOutput) NamespaceId() pulumi.StringOutput
- func (o MfaTotpOutput) NamespacePath() pulumi.StringOutput
- func (o MfaTotpOutput) Period() pulumi.IntPtrOutput
- func (o MfaTotpOutput) QrSize() pulumi.IntOutput
- func (o MfaTotpOutput) Skew() pulumi.IntPtrOutput
- func (o MfaTotpOutput) ToMfaTotpOutput() MfaTotpOutput
- func (o MfaTotpOutput) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput
- func (o MfaTotpOutput) Type() pulumi.StringOutput
- func (o MfaTotpOutput) Uuid() pulumi.StringOutput
- type MfaTotpState
- type Oidc
- type OidcArgs
- type OidcArray
- type OidcArrayInput
- type OidcArrayOutput
- type OidcAssignment
- type OidcAssignmentArgs
- type OidcAssignmentArray
- type OidcAssignmentArrayInput
- type OidcAssignmentArrayOutput
- func (OidcAssignmentArrayOutput) ElementType() reflect.Type
- func (o OidcAssignmentArrayOutput) Index(i pulumi.IntInput) OidcAssignmentOutput
- func (o OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutput() OidcAssignmentArrayOutput
- func (o OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutputWithContext(ctx context.Context) OidcAssignmentArrayOutput
- type OidcAssignmentInput
- type OidcAssignmentMap
- type OidcAssignmentMapInput
- type OidcAssignmentMapOutput
- func (OidcAssignmentMapOutput) ElementType() reflect.Type
- func (o OidcAssignmentMapOutput) MapIndex(k pulumi.StringInput) OidcAssignmentOutput
- func (o OidcAssignmentMapOutput) ToOidcAssignmentMapOutput() OidcAssignmentMapOutput
- func (o OidcAssignmentMapOutput) ToOidcAssignmentMapOutputWithContext(ctx context.Context) OidcAssignmentMapOutput
- type OidcAssignmentOutput
- func (OidcAssignmentOutput) ElementType() reflect.Type
- func (o OidcAssignmentOutput) EntityIds() pulumi.StringArrayOutput
- func (o OidcAssignmentOutput) GroupIds() pulumi.StringArrayOutput
- func (o OidcAssignmentOutput) Name() pulumi.StringOutput
- func (o OidcAssignmentOutput) Namespace() pulumi.StringPtrOutput
- func (o OidcAssignmentOutput) ToOidcAssignmentOutput() OidcAssignmentOutput
- func (o OidcAssignmentOutput) ToOidcAssignmentOutputWithContext(ctx context.Context) OidcAssignmentOutput
- type OidcAssignmentState
- type OidcClient
- type OidcClientArgs
- type OidcClientArray
- type OidcClientArrayInput
- type OidcClientArrayOutput
- func (OidcClientArrayOutput) ElementType() reflect.Type
- func (o OidcClientArrayOutput) Index(i pulumi.IntInput) OidcClientOutput
- func (o OidcClientArrayOutput) ToOidcClientArrayOutput() OidcClientArrayOutput
- func (o OidcClientArrayOutput) ToOidcClientArrayOutputWithContext(ctx context.Context) OidcClientArrayOutput
- type OidcClientInput
- type OidcClientMap
- type OidcClientMapInput
- type OidcClientMapOutput
- func (OidcClientMapOutput) ElementType() reflect.Type
- func (o OidcClientMapOutput) MapIndex(k pulumi.StringInput) OidcClientOutput
- func (o OidcClientMapOutput) ToOidcClientMapOutput() OidcClientMapOutput
- func (o OidcClientMapOutput) ToOidcClientMapOutputWithContext(ctx context.Context) OidcClientMapOutput
- type OidcClientOutput
- func (o OidcClientOutput) AccessTokenTtl() pulumi.IntOutput
- func (o OidcClientOutput) Assignments() pulumi.StringArrayOutput
- func (o OidcClientOutput) ClientId() pulumi.StringOutput
- func (o OidcClientOutput) ClientSecret() pulumi.StringOutput
- func (o OidcClientOutput) ClientType() pulumi.StringOutput
- func (OidcClientOutput) ElementType() reflect.Type
- func (o OidcClientOutput) IdTokenTtl() pulumi.IntOutput
- func (o OidcClientOutput) Key() pulumi.StringOutput
- func (o OidcClientOutput) Name() pulumi.StringOutput
- func (o OidcClientOutput) Namespace() pulumi.StringPtrOutput
- func (o OidcClientOutput) RedirectUris() pulumi.StringArrayOutput
- func (o OidcClientOutput) ToOidcClientOutput() OidcClientOutput
- func (o OidcClientOutput) ToOidcClientOutputWithContext(ctx context.Context) OidcClientOutput
- type OidcClientState
- type OidcInput
- type OidcKey
- type OidcKeyAllowedClientID
- type OidcKeyAllowedClientIDArgs
- type OidcKeyAllowedClientIDArray
- func (OidcKeyAllowedClientIDArray) ElementType() reflect.Type
- func (i OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput
- func (i OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDArrayOutput
- type OidcKeyAllowedClientIDArrayInput
- type OidcKeyAllowedClientIDArrayOutput
- func (OidcKeyAllowedClientIDArrayOutput) ElementType() reflect.Type
- func (o OidcKeyAllowedClientIDArrayOutput) Index(i pulumi.IntInput) OidcKeyAllowedClientIDOutput
- func (o OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput
- func (o OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDArrayOutput
- type OidcKeyAllowedClientIDInput
- type OidcKeyAllowedClientIDMap
- type OidcKeyAllowedClientIDMapInput
- type OidcKeyAllowedClientIDMapOutput
- func (OidcKeyAllowedClientIDMapOutput) ElementType() reflect.Type
- func (o OidcKeyAllowedClientIDMapOutput) MapIndex(k pulumi.StringInput) OidcKeyAllowedClientIDOutput
- func (o OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutput() OidcKeyAllowedClientIDMapOutput
- func (o OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDMapOutput
- type OidcKeyAllowedClientIDOutput
- func (o OidcKeyAllowedClientIDOutput) AllowedClientId() pulumi.StringOutput
- func (OidcKeyAllowedClientIDOutput) ElementType() reflect.Type
- func (o OidcKeyAllowedClientIDOutput) KeyName() pulumi.StringOutput
- func (o OidcKeyAllowedClientIDOutput) Namespace() pulumi.StringPtrOutput
- func (o OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutput() OidcKeyAllowedClientIDOutput
- func (o OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDOutput
- type OidcKeyAllowedClientIDState
- type OidcKeyArgs
- type OidcKeyArray
- type OidcKeyArrayInput
- type OidcKeyArrayOutput
- type OidcKeyInput
- type OidcKeyMap
- type OidcKeyMapInput
- type OidcKeyMapOutput
- type OidcKeyOutput
- func (o OidcKeyOutput) Algorithm() pulumi.StringPtrOutput
- func (o OidcKeyOutput) AllowedClientIds() pulumi.StringArrayOutput
- func (OidcKeyOutput) ElementType() reflect.Type
- func (o OidcKeyOutput) Name() pulumi.StringOutput
- func (o OidcKeyOutput) Namespace() pulumi.StringPtrOutput
- func (o OidcKeyOutput) RotationPeriod() pulumi.IntPtrOutput
- func (o OidcKeyOutput) ToOidcKeyOutput() OidcKeyOutput
- func (o OidcKeyOutput) ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput
- func (o OidcKeyOutput) VerificationTtl() pulumi.IntPtrOutput
- type OidcKeyState
- type OidcMap
- type OidcMapInput
- type OidcMapOutput
- type OidcOutput
- type OidcProvider
- type OidcProviderArgs
- type OidcProviderArray
- type OidcProviderArrayInput
- type OidcProviderArrayOutput
- func (OidcProviderArrayOutput) ElementType() reflect.Type
- func (o OidcProviderArrayOutput) Index(i pulumi.IntInput) OidcProviderOutput
- func (o OidcProviderArrayOutput) ToOidcProviderArrayOutput() OidcProviderArrayOutput
- func (o OidcProviderArrayOutput) ToOidcProviderArrayOutputWithContext(ctx context.Context) OidcProviderArrayOutput
- type OidcProviderInput
- type OidcProviderMap
- type OidcProviderMapInput
- type OidcProviderMapOutput
- func (OidcProviderMapOutput) ElementType() reflect.Type
- func (o OidcProviderMapOutput) MapIndex(k pulumi.StringInput) OidcProviderOutput
- func (o OidcProviderMapOutput) ToOidcProviderMapOutput() OidcProviderMapOutput
- func (o OidcProviderMapOutput) ToOidcProviderMapOutputWithContext(ctx context.Context) OidcProviderMapOutput
- type OidcProviderOutput
- func (o OidcProviderOutput) AllowedClientIds() pulumi.StringArrayOutput
- func (OidcProviderOutput) ElementType() reflect.Type
- func (o OidcProviderOutput) HttpsEnabled() pulumi.BoolPtrOutput
- func (o OidcProviderOutput) Issuer() pulumi.StringOutput
- func (o OidcProviderOutput) IssuerHost() pulumi.StringPtrOutput
- func (o OidcProviderOutput) Name() pulumi.StringOutput
- func (o OidcProviderOutput) Namespace() pulumi.StringPtrOutput
- func (o OidcProviderOutput) ScopesSupporteds() pulumi.StringArrayOutput
- func (o OidcProviderOutput) ToOidcProviderOutput() OidcProviderOutput
- func (o OidcProviderOutput) ToOidcProviderOutputWithContext(ctx context.Context) OidcProviderOutput
- type OidcProviderState
- type OidcRole
- type OidcRoleArgs
- type OidcRoleArray
- type OidcRoleArrayInput
- type OidcRoleArrayOutput
- type OidcRoleInput
- type OidcRoleMap
- type OidcRoleMapInput
- type OidcRoleMapOutput
- type OidcRoleOutput
- func (o OidcRoleOutput) ClientId() pulumi.StringOutput
- func (OidcRoleOutput) ElementType() reflect.Type
- func (o OidcRoleOutput) Key() pulumi.StringOutput
- func (o OidcRoleOutput) Name() pulumi.StringOutput
- func (o OidcRoleOutput) Namespace() pulumi.StringPtrOutput
- func (o OidcRoleOutput) Template() pulumi.StringPtrOutput
- func (o OidcRoleOutput) ToOidcRoleOutput() OidcRoleOutput
- func (o OidcRoleOutput) ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutput
- func (o OidcRoleOutput) Ttl() pulumi.IntPtrOutput
- type OidcRoleState
- type OidcScope
- type OidcScopeArgs
- type OidcScopeArray
- type OidcScopeArrayInput
- type OidcScopeArrayOutput
- func (OidcScopeArrayOutput) ElementType() reflect.Type
- func (o OidcScopeArrayOutput) Index(i pulumi.IntInput) OidcScopeOutput
- func (o OidcScopeArrayOutput) ToOidcScopeArrayOutput() OidcScopeArrayOutput
- func (o OidcScopeArrayOutput) ToOidcScopeArrayOutputWithContext(ctx context.Context) OidcScopeArrayOutput
- type OidcScopeInput
- type OidcScopeMap
- type OidcScopeMapInput
- type OidcScopeMapOutput
- type OidcScopeOutput
- func (o OidcScopeOutput) Description() pulumi.StringPtrOutput
- func (OidcScopeOutput) ElementType() reflect.Type
- func (o OidcScopeOutput) Name() pulumi.StringOutput
- func (o OidcScopeOutput) Namespace() pulumi.StringPtrOutput
- func (o OidcScopeOutput) Template() pulumi.StringPtrOutput
- func (o OidcScopeOutput) ToOidcScopeOutput() OidcScopeOutput
- func (o OidcScopeOutput) ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeOutput
- type OidcScopeState
- type OidcState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Entity ¶
type Entity struct { pulumi.CustomResourceState // True/false Is this entity currently disabled. Defaults to `false` Disabled pulumi.BoolPtrOutput `pulumi:"disabled"` // `false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner. ExternalPolicies pulumi.BoolPtrOutput `pulumi:"externalPolicies"` // A Map of additional metadata to associate with the user. Metadata pulumi.StringMapOutput `pulumi:"metadata"` // Name of the identity entity to create. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // A list of policies to apply to the entity. Policies pulumi.StringArrayOutput `pulumi:"policies"` }
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewEntity(ctx, "test", &identity.EntityArgs{ Metadata: pulumi.StringMap{ "foo": pulumi.String("bar"), }, Policies: pulumi.StringArray{ pulumi.String("test"), }, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Identity entity can be imported using the `id`, e.g.
```sh $ pulumi import vault:identity/entity:Entity test "ae6f8ued-0f1a-9f6b-2915-1a2be20dc053" ```
func GetEntity ¶
func GetEntity(ctx *pulumi.Context, name string, id pulumi.IDInput, state *EntityState, opts ...pulumi.ResourceOption) (*Entity, error)
GetEntity gets an existing Entity resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewEntity ¶
func NewEntity(ctx *pulumi.Context, name string, args *EntityArgs, opts ...pulumi.ResourceOption) (*Entity, error)
NewEntity registers a new resource with the given unique name, arguments, and options.
func (*Entity) ElementType ¶
func (*Entity) ToEntityOutput ¶
func (i *Entity) ToEntityOutput() EntityOutput
func (*Entity) ToEntityOutputWithContext ¶
func (i *Entity) ToEntityOutputWithContext(ctx context.Context) EntityOutput
type EntityAlias ¶
type EntityAlias struct { pulumi.CustomResourceState // Entity ID to which this alias belongs to. CanonicalId pulumi.StringOutput `pulumi:"canonicalId"` // Custom metadata to be associated with this alias. CustomMetadata pulumi.StringMapOutput `pulumi:"customMetadata"` // Accessor of the mount to which the alias should belong to. MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"` // Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` }
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewEntityAlias(ctx, "test", &identity.EntityAliasArgs{ CanonicalId: pulumi.String("49877D63-07AD-4B85-BDA8-B61626C477E8"), MountAccessor: pulumi.String("token_1f2bd5"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Identity entity alias can be imported using the `id`, e.g.
```sh $ pulumi import vault:identity/entityAlias:EntityAlias test "3856fb4d-3c91-dcaf-2401-68f446796bfb" ```
func GetEntityAlias ¶
func GetEntityAlias(ctx *pulumi.Context, name string, id pulumi.IDInput, state *EntityAliasState, opts ...pulumi.ResourceOption) (*EntityAlias, error)
GetEntityAlias gets an existing EntityAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewEntityAlias ¶
func NewEntityAlias(ctx *pulumi.Context, name string, args *EntityAliasArgs, opts ...pulumi.ResourceOption) (*EntityAlias, error)
NewEntityAlias registers a new resource with the given unique name, arguments, and options.
func (*EntityAlias) ElementType ¶
func (*EntityAlias) ElementType() reflect.Type
func (*EntityAlias) ToEntityAliasOutput ¶
func (i *EntityAlias) ToEntityAliasOutput() EntityAliasOutput
func (*EntityAlias) ToEntityAliasOutputWithContext ¶
func (i *EntityAlias) ToEntityAliasOutputWithContext(ctx context.Context) EntityAliasOutput
type EntityAliasArgs ¶
type EntityAliasArgs struct { // Entity ID to which this alias belongs to. CanonicalId pulumi.StringInput // Custom metadata to be associated with this alias. CustomMetadata pulumi.StringMapInput // Accessor of the mount to which the alias should belong to. MountAccessor pulumi.StringInput // Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
The set of arguments for constructing a EntityAlias resource.
func (EntityAliasArgs) ElementType ¶
func (EntityAliasArgs) ElementType() reflect.Type
type EntityAliasArray ¶
type EntityAliasArray []EntityAliasInput
func (EntityAliasArray) ElementType ¶
func (EntityAliasArray) ElementType() reflect.Type
func (EntityAliasArray) ToEntityAliasArrayOutput ¶
func (i EntityAliasArray) ToEntityAliasArrayOutput() EntityAliasArrayOutput
func (EntityAliasArray) ToEntityAliasArrayOutputWithContext ¶
func (i EntityAliasArray) ToEntityAliasArrayOutputWithContext(ctx context.Context) EntityAliasArrayOutput
type EntityAliasArrayInput ¶
type EntityAliasArrayInput interface { pulumi.Input ToEntityAliasArrayOutput() EntityAliasArrayOutput ToEntityAliasArrayOutputWithContext(context.Context) EntityAliasArrayOutput }
EntityAliasArrayInput is an input type that accepts EntityAliasArray and EntityAliasArrayOutput values. You can construct a concrete instance of `EntityAliasArrayInput` via:
EntityAliasArray{ EntityAliasArgs{...} }
type EntityAliasArrayOutput ¶
type EntityAliasArrayOutput struct{ *pulumi.OutputState }
func (EntityAliasArrayOutput) ElementType ¶
func (EntityAliasArrayOutput) ElementType() reflect.Type
func (EntityAliasArrayOutput) Index ¶
func (o EntityAliasArrayOutput) Index(i pulumi.IntInput) EntityAliasOutput
func (EntityAliasArrayOutput) ToEntityAliasArrayOutput ¶
func (o EntityAliasArrayOutput) ToEntityAliasArrayOutput() EntityAliasArrayOutput
func (EntityAliasArrayOutput) ToEntityAliasArrayOutputWithContext ¶
func (o EntityAliasArrayOutput) ToEntityAliasArrayOutputWithContext(ctx context.Context) EntityAliasArrayOutput
type EntityAliasInput ¶
type EntityAliasInput interface { pulumi.Input ToEntityAliasOutput() EntityAliasOutput ToEntityAliasOutputWithContext(ctx context.Context) EntityAliasOutput }
type EntityAliasMap ¶
type EntityAliasMap map[string]EntityAliasInput
func (EntityAliasMap) ElementType ¶
func (EntityAliasMap) ElementType() reflect.Type
func (EntityAliasMap) ToEntityAliasMapOutput ¶
func (i EntityAliasMap) ToEntityAliasMapOutput() EntityAliasMapOutput
func (EntityAliasMap) ToEntityAliasMapOutputWithContext ¶
func (i EntityAliasMap) ToEntityAliasMapOutputWithContext(ctx context.Context) EntityAliasMapOutput
type EntityAliasMapInput ¶
type EntityAliasMapInput interface { pulumi.Input ToEntityAliasMapOutput() EntityAliasMapOutput ToEntityAliasMapOutputWithContext(context.Context) EntityAliasMapOutput }
EntityAliasMapInput is an input type that accepts EntityAliasMap and EntityAliasMapOutput values. You can construct a concrete instance of `EntityAliasMapInput` via:
EntityAliasMap{ "key": EntityAliasArgs{...} }
type EntityAliasMapOutput ¶
type EntityAliasMapOutput struct{ *pulumi.OutputState }
func (EntityAliasMapOutput) ElementType ¶
func (EntityAliasMapOutput) ElementType() reflect.Type
func (EntityAliasMapOutput) MapIndex ¶
func (o EntityAliasMapOutput) MapIndex(k pulumi.StringInput) EntityAliasOutput
func (EntityAliasMapOutput) ToEntityAliasMapOutput ¶
func (o EntityAliasMapOutput) ToEntityAliasMapOutput() EntityAliasMapOutput
func (EntityAliasMapOutput) ToEntityAliasMapOutputWithContext ¶
func (o EntityAliasMapOutput) ToEntityAliasMapOutputWithContext(ctx context.Context) EntityAliasMapOutput
type EntityAliasOutput ¶
type EntityAliasOutput struct{ *pulumi.OutputState }
func (EntityAliasOutput) CanonicalId ¶
func (o EntityAliasOutput) CanonicalId() pulumi.StringOutput
Entity ID to which this alias belongs to.
func (EntityAliasOutput) CustomMetadata ¶
func (o EntityAliasOutput) CustomMetadata() pulumi.StringMapOutput
Custom metadata to be associated with this alias.
func (EntityAliasOutput) ElementType ¶
func (EntityAliasOutput) ElementType() reflect.Type
func (EntityAliasOutput) MountAccessor ¶
func (o EntityAliasOutput) MountAccessor() pulumi.StringOutput
Accessor of the mount to which the alias should belong to.
func (EntityAliasOutput) Name ¶
func (o EntityAliasOutput) Name() pulumi.StringOutput
Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username.
func (EntityAliasOutput) Namespace ¶
func (o EntityAliasOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (EntityAliasOutput) ToEntityAliasOutput ¶
func (o EntityAliasOutput) ToEntityAliasOutput() EntityAliasOutput
func (EntityAliasOutput) ToEntityAliasOutputWithContext ¶
func (o EntityAliasOutput) ToEntityAliasOutputWithContext(ctx context.Context) EntityAliasOutput
type EntityAliasState ¶
type EntityAliasState struct { // Entity ID to which this alias belongs to. CanonicalId pulumi.StringPtrInput // Custom metadata to be associated with this alias. CustomMetadata pulumi.StringMapInput // Accessor of the mount to which the alias should belong to. MountAccessor pulumi.StringPtrInput // Name of the alias. Name should be the identifier of the client in the authentication source. For example, if the alias belongs to userpass backend, the name should be a valid username within userpass backend. If alias belongs to GitHub, it should be the GitHub username. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
func (EntityAliasState) ElementType ¶
func (EntityAliasState) ElementType() reflect.Type
type EntityArgs ¶
type EntityArgs struct { // True/false Is this entity currently disabled. Defaults to `false` Disabled pulumi.BoolPtrInput // `false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner. ExternalPolicies pulumi.BoolPtrInput // A Map of additional metadata to associate with the user. Metadata pulumi.StringMapInput // Name of the identity entity to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // A list of policies to apply to the entity. Policies pulumi.StringArrayInput }
The set of arguments for constructing a Entity resource.
func (EntityArgs) ElementType ¶
func (EntityArgs) ElementType() reflect.Type
type EntityArray ¶
type EntityArray []EntityInput
func (EntityArray) ElementType ¶
func (EntityArray) ElementType() reflect.Type
func (EntityArray) ToEntityArrayOutput ¶
func (i EntityArray) ToEntityArrayOutput() EntityArrayOutput
func (EntityArray) ToEntityArrayOutputWithContext ¶
func (i EntityArray) ToEntityArrayOutputWithContext(ctx context.Context) EntityArrayOutput
type EntityArrayInput ¶
type EntityArrayInput interface { pulumi.Input ToEntityArrayOutput() EntityArrayOutput ToEntityArrayOutputWithContext(context.Context) EntityArrayOutput }
EntityArrayInput is an input type that accepts EntityArray and EntityArrayOutput values. You can construct a concrete instance of `EntityArrayInput` via:
EntityArray{ EntityArgs{...} }
type EntityArrayOutput ¶
type EntityArrayOutput struct{ *pulumi.OutputState }
func (EntityArrayOutput) ElementType ¶
func (EntityArrayOutput) ElementType() reflect.Type
func (EntityArrayOutput) Index ¶
func (o EntityArrayOutput) Index(i pulumi.IntInput) EntityOutput
func (EntityArrayOutput) ToEntityArrayOutput ¶
func (o EntityArrayOutput) ToEntityArrayOutput() EntityArrayOutput
func (EntityArrayOutput) ToEntityArrayOutputWithContext ¶
func (o EntityArrayOutput) ToEntityArrayOutputWithContext(ctx context.Context) EntityArrayOutput
type EntityInput ¶
type EntityInput interface { pulumi.Input ToEntityOutput() EntityOutput ToEntityOutputWithContext(ctx context.Context) EntityOutput }
type EntityMap ¶
type EntityMap map[string]EntityInput
func (EntityMap) ElementType ¶
func (EntityMap) ToEntityMapOutput ¶
func (i EntityMap) ToEntityMapOutput() EntityMapOutput
func (EntityMap) ToEntityMapOutputWithContext ¶
func (i EntityMap) ToEntityMapOutputWithContext(ctx context.Context) EntityMapOutput
type EntityMapInput ¶
type EntityMapInput interface { pulumi.Input ToEntityMapOutput() EntityMapOutput ToEntityMapOutputWithContext(context.Context) EntityMapOutput }
EntityMapInput is an input type that accepts EntityMap and EntityMapOutput values. You can construct a concrete instance of `EntityMapInput` via:
EntityMap{ "key": EntityArgs{...} }
type EntityMapOutput ¶
type EntityMapOutput struct{ *pulumi.OutputState }
func (EntityMapOutput) ElementType ¶
func (EntityMapOutput) ElementType() reflect.Type
func (EntityMapOutput) MapIndex ¶
func (o EntityMapOutput) MapIndex(k pulumi.StringInput) EntityOutput
func (EntityMapOutput) ToEntityMapOutput ¶
func (o EntityMapOutput) ToEntityMapOutput() EntityMapOutput
func (EntityMapOutput) ToEntityMapOutputWithContext ¶
func (o EntityMapOutput) ToEntityMapOutputWithContext(ctx context.Context) EntityMapOutput
type EntityOutput ¶
type EntityOutput struct{ *pulumi.OutputState }
func (EntityOutput) Disabled ¶
func (o EntityOutput) Disabled() pulumi.BoolPtrOutput
True/false Is this entity currently disabled. Defaults to `false`
func (EntityOutput) ElementType ¶
func (EntityOutput) ElementType() reflect.Type
func (EntityOutput) ExternalPolicies ¶
func (o EntityOutput) ExternalPolicies() pulumi.BoolPtrOutput
`false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner.
func (EntityOutput) Metadata ¶
func (o EntityOutput) Metadata() pulumi.StringMapOutput
A Map of additional metadata to associate with the user.
func (EntityOutput) Name ¶
func (o EntityOutput) Name() pulumi.StringOutput
Name of the identity entity to create.
func (EntityOutput) Namespace ¶
func (o EntityOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (EntityOutput) Policies ¶
func (o EntityOutput) Policies() pulumi.StringArrayOutput
A list of policies to apply to the entity.
func (EntityOutput) ToEntityOutput ¶
func (o EntityOutput) ToEntityOutput() EntityOutput
func (EntityOutput) ToEntityOutputWithContext ¶
func (o EntityOutput) ToEntityOutputWithContext(ctx context.Context) EntityOutput
type EntityPolicies ¶
type EntityPolicies struct { pulumi.CustomResourceState // Entity ID to assign policies to. EntityId pulumi.StringOutput `pulumi:"entityId"` // The name of the entity that are assigned the policies. EntityName pulumi.StringOutput `pulumi:"entityName"` // Defaults to `true`. // // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // List of policies to assign to the entity Policies pulumi.StringArrayOutput `pulumi:"policies"` }
Manages policies for an Identity Entity for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
## Example Usage
### Exclusive Policies
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { entity, err := identity.NewEntity(ctx, "entity", &identity.EntityArgs{ ExternalPolicies: pulumi.Bool(true), }) if err != nil { return err } _, err = identity.NewEntityPolicies(ctx, "policies", &identity.EntityPoliciesArgs{ Policies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("test"), }, Exclusive: pulumi.Bool(true), EntityId: entity.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
### Non-exclusive Policies
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { entity, err := identity.NewEntity(ctx, "entity", &identity.EntityArgs{ ExternalPolicies: pulumi.Bool(true), }) if err != nil { return err } _, err = identity.NewEntityPolicies(ctx, "default", &identity.EntityPoliciesArgs{ Policies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("test"), }, Exclusive: pulumi.Bool(false), EntityId: entity.ID(), }) if err != nil { return err } _, err = identity.NewEntityPolicies(ctx, "others", &identity.EntityPoliciesArgs{ Policies: pulumi.StringArray{ pulumi.String("others"), }, Exclusive: pulumi.Bool(false), EntityId: entity.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetEntityPolicies ¶
func GetEntityPolicies(ctx *pulumi.Context, name string, id pulumi.IDInput, state *EntityPoliciesState, opts ...pulumi.ResourceOption) (*EntityPolicies, error)
GetEntityPolicies gets an existing EntityPolicies resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewEntityPolicies ¶
func NewEntityPolicies(ctx *pulumi.Context, name string, args *EntityPoliciesArgs, opts ...pulumi.ResourceOption) (*EntityPolicies, error)
NewEntityPolicies registers a new resource with the given unique name, arguments, and options.
func (*EntityPolicies) ElementType ¶
func (*EntityPolicies) ElementType() reflect.Type
func (*EntityPolicies) ToEntityPoliciesOutput ¶
func (i *EntityPolicies) ToEntityPoliciesOutput() EntityPoliciesOutput
func (*EntityPolicies) ToEntityPoliciesOutputWithContext ¶
func (i *EntityPolicies) ToEntityPoliciesOutputWithContext(ctx context.Context) EntityPoliciesOutput
type EntityPoliciesArgs ¶
type EntityPoliciesArgs struct { // Entity ID to assign policies to. EntityId pulumi.StringInput // Defaults to `true`. // // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // List of policies to assign to the entity Policies pulumi.StringArrayInput }
The set of arguments for constructing a EntityPolicies resource.
func (EntityPoliciesArgs) ElementType ¶
func (EntityPoliciesArgs) ElementType() reflect.Type
type EntityPoliciesArray ¶
type EntityPoliciesArray []EntityPoliciesInput
func (EntityPoliciesArray) ElementType ¶
func (EntityPoliciesArray) ElementType() reflect.Type
func (EntityPoliciesArray) ToEntityPoliciesArrayOutput ¶
func (i EntityPoliciesArray) ToEntityPoliciesArrayOutput() EntityPoliciesArrayOutput
func (EntityPoliciesArray) ToEntityPoliciesArrayOutputWithContext ¶
func (i EntityPoliciesArray) ToEntityPoliciesArrayOutputWithContext(ctx context.Context) EntityPoliciesArrayOutput
type EntityPoliciesArrayInput ¶
type EntityPoliciesArrayInput interface { pulumi.Input ToEntityPoliciesArrayOutput() EntityPoliciesArrayOutput ToEntityPoliciesArrayOutputWithContext(context.Context) EntityPoliciesArrayOutput }
EntityPoliciesArrayInput is an input type that accepts EntityPoliciesArray and EntityPoliciesArrayOutput values. You can construct a concrete instance of `EntityPoliciesArrayInput` via:
EntityPoliciesArray{ EntityPoliciesArgs{...} }
type EntityPoliciesArrayOutput ¶
type EntityPoliciesArrayOutput struct{ *pulumi.OutputState }
func (EntityPoliciesArrayOutput) ElementType ¶
func (EntityPoliciesArrayOutput) ElementType() reflect.Type
func (EntityPoliciesArrayOutput) Index ¶
func (o EntityPoliciesArrayOutput) Index(i pulumi.IntInput) EntityPoliciesOutput
func (EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutput ¶
func (o EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutput() EntityPoliciesArrayOutput
func (EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutputWithContext ¶
func (o EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutputWithContext(ctx context.Context) EntityPoliciesArrayOutput
type EntityPoliciesInput ¶
type EntityPoliciesInput interface { pulumi.Input ToEntityPoliciesOutput() EntityPoliciesOutput ToEntityPoliciesOutputWithContext(ctx context.Context) EntityPoliciesOutput }
type EntityPoliciesMap ¶
type EntityPoliciesMap map[string]EntityPoliciesInput
func (EntityPoliciesMap) ElementType ¶
func (EntityPoliciesMap) ElementType() reflect.Type
func (EntityPoliciesMap) ToEntityPoliciesMapOutput ¶
func (i EntityPoliciesMap) ToEntityPoliciesMapOutput() EntityPoliciesMapOutput
func (EntityPoliciesMap) ToEntityPoliciesMapOutputWithContext ¶
func (i EntityPoliciesMap) ToEntityPoliciesMapOutputWithContext(ctx context.Context) EntityPoliciesMapOutput
type EntityPoliciesMapInput ¶
type EntityPoliciesMapInput interface { pulumi.Input ToEntityPoliciesMapOutput() EntityPoliciesMapOutput ToEntityPoliciesMapOutputWithContext(context.Context) EntityPoliciesMapOutput }
EntityPoliciesMapInput is an input type that accepts EntityPoliciesMap and EntityPoliciesMapOutput values. You can construct a concrete instance of `EntityPoliciesMapInput` via:
EntityPoliciesMap{ "key": EntityPoliciesArgs{...} }
type EntityPoliciesMapOutput ¶
type EntityPoliciesMapOutput struct{ *pulumi.OutputState }
func (EntityPoliciesMapOutput) ElementType ¶
func (EntityPoliciesMapOutput) ElementType() reflect.Type
func (EntityPoliciesMapOutput) MapIndex ¶
func (o EntityPoliciesMapOutput) MapIndex(k pulumi.StringInput) EntityPoliciesOutput
func (EntityPoliciesMapOutput) ToEntityPoliciesMapOutput ¶
func (o EntityPoliciesMapOutput) ToEntityPoliciesMapOutput() EntityPoliciesMapOutput
func (EntityPoliciesMapOutput) ToEntityPoliciesMapOutputWithContext ¶
func (o EntityPoliciesMapOutput) ToEntityPoliciesMapOutputWithContext(ctx context.Context) EntityPoliciesMapOutput
type EntityPoliciesOutput ¶
type EntityPoliciesOutput struct{ *pulumi.OutputState }
func (EntityPoliciesOutput) ElementType ¶
func (EntityPoliciesOutput) ElementType() reflect.Type
func (EntityPoliciesOutput) EntityId ¶
func (o EntityPoliciesOutput) EntityId() pulumi.StringOutput
Entity ID to assign policies to.
func (EntityPoliciesOutput) EntityName ¶
func (o EntityPoliciesOutput) EntityName() pulumi.StringOutput
The name of the entity that are assigned the policies.
func (EntityPoliciesOutput) Exclusive ¶
func (o EntityPoliciesOutput) Exclusive() pulumi.BoolPtrOutput
Defaults to `true`.
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
func (EntityPoliciesOutput) Namespace ¶
func (o EntityPoliciesOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (EntityPoliciesOutput) Policies ¶
func (o EntityPoliciesOutput) Policies() pulumi.StringArrayOutput
List of policies to assign to the entity
func (EntityPoliciesOutput) ToEntityPoliciesOutput ¶
func (o EntityPoliciesOutput) ToEntityPoliciesOutput() EntityPoliciesOutput
func (EntityPoliciesOutput) ToEntityPoliciesOutputWithContext ¶
func (o EntityPoliciesOutput) ToEntityPoliciesOutputWithContext(ctx context.Context) EntityPoliciesOutput
type EntityPoliciesState ¶
type EntityPoliciesState struct { // Entity ID to assign policies to. EntityId pulumi.StringPtrInput // The name of the entity that are assigned the policies. EntityName pulumi.StringPtrInput // Defaults to `true`. // // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // List of policies to assign to the entity Policies pulumi.StringArrayInput }
func (EntityPoliciesState) ElementType ¶
func (EntityPoliciesState) ElementType() reflect.Type
type EntityState ¶
type EntityState struct { // True/false Is this entity currently disabled. Defaults to `false` Disabled pulumi.BoolPtrInput // `false` by default. If set to `true`, this resource will ignore any policies return from Vault or specified in the resource. You can use `identity.EntityPolicies` to manage policies for this entity in a decoupled manner. ExternalPolicies pulumi.BoolPtrInput // A Map of additional metadata to associate with the user. Metadata pulumi.StringMapInput // Name of the identity entity to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // A list of policies to apply to the entity. Policies pulumi.StringArrayInput }
func (EntityState) ElementType ¶
func (EntityState) ElementType() reflect.Type
type GetEntityAliasType ¶
type GetEntityAliasType struct { // Canonical ID of the Alias CanonicalId string `pulumi:"canonicalId"` // Creation time of the Alias CreationTime string `pulumi:"creationTime"` // ID of the alias Id string `pulumi:"id"` // Last update time of the alias LastUpdateTime string `pulumi:"lastUpdateTime"` // List of canonical IDs merged with this alias MergedFromCanonicalIds []string `pulumi:"mergedFromCanonicalIds"` // Arbitrary metadata Metadata map[string]interface{} `pulumi:"metadata"` // Authentication mount acccessor which this alias belongs to MountAccessor string `pulumi:"mountAccessor"` // Authentication mount path which this alias belongs to MountPath string `pulumi:"mountPath"` // Authentication mount type which this alias belongs to MountType string `pulumi:"mountType"` // Name of the alias Name string `pulumi:"name"` }
type GetEntityAliasTypeArgs ¶
type GetEntityAliasTypeArgs struct { // Canonical ID of the Alias CanonicalId pulumi.StringInput `pulumi:"canonicalId"` // Creation time of the Alias CreationTime pulumi.StringInput `pulumi:"creationTime"` // ID of the alias Id pulumi.StringInput `pulumi:"id"` // Last update time of the alias LastUpdateTime pulumi.StringInput `pulumi:"lastUpdateTime"` // List of canonical IDs merged with this alias MergedFromCanonicalIds pulumi.StringArrayInput `pulumi:"mergedFromCanonicalIds"` // Arbitrary metadata Metadata pulumi.MapInput `pulumi:"metadata"` // Authentication mount acccessor which this alias belongs to MountAccessor pulumi.StringInput `pulumi:"mountAccessor"` // Authentication mount path which this alias belongs to MountPath pulumi.StringInput `pulumi:"mountPath"` // Authentication mount type which this alias belongs to MountType pulumi.StringInput `pulumi:"mountType"` // Name of the alias Name pulumi.StringInput `pulumi:"name"` }
func (GetEntityAliasTypeArgs) ElementType ¶
func (GetEntityAliasTypeArgs) ElementType() reflect.Type
func (GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutput ¶
func (i GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutput() GetEntityAliasTypeOutput
func (GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutputWithContext ¶
func (i GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutputWithContext(ctx context.Context) GetEntityAliasTypeOutput
type GetEntityAliasTypeArray ¶
type GetEntityAliasTypeArray []GetEntityAliasTypeInput
func (GetEntityAliasTypeArray) ElementType ¶
func (GetEntityAliasTypeArray) ElementType() reflect.Type
func (GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutput ¶
func (i GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutput() GetEntityAliasTypeArrayOutput
func (GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutputWithContext ¶
func (i GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutputWithContext(ctx context.Context) GetEntityAliasTypeArrayOutput
type GetEntityAliasTypeArrayInput ¶
type GetEntityAliasTypeArrayInput interface { pulumi.Input ToGetEntityAliasTypeArrayOutput() GetEntityAliasTypeArrayOutput ToGetEntityAliasTypeArrayOutputWithContext(context.Context) GetEntityAliasTypeArrayOutput }
GetEntityAliasTypeArrayInput is an input type that accepts GetEntityAliasTypeArray and GetEntityAliasTypeArrayOutput values. You can construct a concrete instance of `GetEntityAliasTypeArrayInput` via:
GetEntityAliasTypeArray{ GetEntityAliasTypeArgs{...} }
type GetEntityAliasTypeArrayOutput ¶
type GetEntityAliasTypeArrayOutput struct{ *pulumi.OutputState }
func (GetEntityAliasTypeArrayOutput) ElementType ¶
func (GetEntityAliasTypeArrayOutput) ElementType() reflect.Type
func (GetEntityAliasTypeArrayOutput) Index ¶
func (o GetEntityAliasTypeArrayOutput) Index(i pulumi.IntInput) GetEntityAliasTypeOutput
func (GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutput ¶
func (o GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutput() GetEntityAliasTypeArrayOutput
func (GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutputWithContext ¶
func (o GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutputWithContext(ctx context.Context) GetEntityAliasTypeArrayOutput
type GetEntityAliasTypeInput ¶
type GetEntityAliasTypeInput interface { pulumi.Input ToGetEntityAliasTypeOutput() GetEntityAliasTypeOutput ToGetEntityAliasTypeOutputWithContext(context.Context) GetEntityAliasTypeOutput }
GetEntityAliasTypeInput is an input type that accepts GetEntityAliasTypeArgs and GetEntityAliasTypeOutput values. You can construct a concrete instance of `GetEntityAliasTypeInput` via:
GetEntityAliasTypeArgs{...}
type GetEntityAliasTypeOutput ¶
type GetEntityAliasTypeOutput struct{ *pulumi.OutputState }
func (GetEntityAliasTypeOutput) CanonicalId ¶
func (o GetEntityAliasTypeOutput) CanonicalId() pulumi.StringOutput
Canonical ID of the Alias
func (GetEntityAliasTypeOutput) CreationTime ¶
func (o GetEntityAliasTypeOutput) CreationTime() pulumi.StringOutput
Creation time of the Alias
func (GetEntityAliasTypeOutput) ElementType ¶
func (GetEntityAliasTypeOutput) ElementType() reflect.Type
func (GetEntityAliasTypeOutput) Id ¶
func (o GetEntityAliasTypeOutput) Id() pulumi.StringOutput
ID of the alias
func (GetEntityAliasTypeOutput) LastUpdateTime ¶
func (o GetEntityAliasTypeOutput) LastUpdateTime() pulumi.StringOutput
Last update time of the alias
func (GetEntityAliasTypeOutput) MergedFromCanonicalIds ¶
func (o GetEntityAliasTypeOutput) MergedFromCanonicalIds() pulumi.StringArrayOutput
List of canonical IDs merged with this alias
func (GetEntityAliasTypeOutput) Metadata ¶
func (o GetEntityAliasTypeOutput) Metadata() pulumi.MapOutput
Arbitrary metadata
func (GetEntityAliasTypeOutput) MountAccessor ¶
func (o GetEntityAliasTypeOutput) MountAccessor() pulumi.StringOutput
Authentication mount acccessor which this alias belongs to
func (GetEntityAliasTypeOutput) MountPath ¶
func (o GetEntityAliasTypeOutput) MountPath() pulumi.StringOutput
Authentication mount path which this alias belongs to
func (GetEntityAliasTypeOutput) MountType ¶
func (o GetEntityAliasTypeOutput) MountType() pulumi.StringOutput
Authentication mount type which this alias belongs to
func (GetEntityAliasTypeOutput) Name ¶
func (o GetEntityAliasTypeOutput) Name() pulumi.StringOutput
Name of the alias
func (GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutput ¶
func (o GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutput() GetEntityAliasTypeOutput
func (GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutputWithContext ¶
func (o GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutputWithContext(ctx context.Context) GetEntityAliasTypeOutput
type GetOidcClientCredsArgs ¶
type GetOidcClientCredsArgs struct { // The name of the OIDC Client in Vault. Name string `pulumi:"name"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` }
A collection of arguments for invoking getOidcClientCreds.
type GetOidcClientCredsOutputArgs ¶
type GetOidcClientCredsOutputArgs struct { // The name of the OIDC Client in Vault. Name pulumi.StringInput `pulumi:"name"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput `pulumi:"namespace"` }
A collection of arguments for invoking getOidcClientCreds.
func (GetOidcClientCredsOutputArgs) ElementType ¶
func (GetOidcClientCredsOutputArgs) ElementType() reflect.Type
type GetOidcClientCredsResult ¶
type GetOidcClientCredsResult struct { // The Client ID returned by Vault. ClientId string `pulumi:"clientId"` // The Client Secret Key returned by Vault. // For public OpenID Clients `clientSecret` is set to an empty string `""` ClientSecret string `pulumi:"clientSecret"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Name string `pulumi:"name"` Namespace *string `pulumi:"namespace"` }
A collection of values returned by getOidcClientCreds.
func GetOidcClientCreds ¶
func GetOidcClientCreds(ctx *pulumi.Context, args *GetOidcClientCredsArgs, opts ...pulumi.InvokeOption) (*GetOidcClientCredsResult, error)
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { app, err := identity.NewOidcClient(ctx, "app", &identity.OidcClientArgs{ RedirectUris: pulumi.StringArray{ pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"), pulumi.String("http://127.0.0.1:8251/callback"), pulumi.String("http://127.0.0.1:8080/callback"), }, IdTokenTtl: pulumi.Int(2400), AccessTokenTtl: pulumi.Int(7200), }) if err != nil { return err } _ = identity.GetOidcClientCredsOutput(ctx, identity.GetOidcClientCredsOutputArgs{ Name: app.Name, }, nil) return nil }) }
``` <!--End PulumiCodeChooser -->
type GetOidcClientCredsResultOutput ¶
type GetOidcClientCredsResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getOidcClientCreds.
func GetOidcClientCredsOutput ¶
func GetOidcClientCredsOutput(ctx *pulumi.Context, args GetOidcClientCredsOutputArgs, opts ...pulumi.InvokeOption) GetOidcClientCredsResultOutput
func (GetOidcClientCredsResultOutput) ClientId ¶
func (o GetOidcClientCredsResultOutput) ClientId() pulumi.StringOutput
The Client ID returned by Vault.
func (GetOidcClientCredsResultOutput) ClientSecret ¶
func (o GetOidcClientCredsResultOutput) ClientSecret() pulumi.StringOutput
The Client Secret Key returned by Vault. For public OpenID Clients `clientSecret` is set to an empty string `""`
func (GetOidcClientCredsResultOutput) ElementType ¶
func (GetOidcClientCredsResultOutput) ElementType() reflect.Type
func (GetOidcClientCredsResultOutput) Id ¶
func (o GetOidcClientCredsResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetOidcClientCredsResultOutput) Name ¶
func (o GetOidcClientCredsResultOutput) Name() pulumi.StringOutput
func (GetOidcClientCredsResultOutput) Namespace ¶
func (o GetOidcClientCredsResultOutput) Namespace() pulumi.StringPtrOutput
func (GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutput ¶
func (o GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutput() GetOidcClientCredsResultOutput
func (GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutputWithContext ¶
func (o GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutputWithContext(ctx context.Context) GetOidcClientCredsResultOutput
type GetOidcOpenidConfigArgs ¶
type GetOidcOpenidConfigArgs struct { // The name of the OIDC Provider in Vault. Name string `pulumi:"name"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` }
A collection of arguments for invoking getOidcOpenidConfig.
type GetOidcOpenidConfigOutputArgs ¶
type GetOidcOpenidConfigOutputArgs struct { // The name of the OIDC Provider in Vault. Name pulumi.StringInput `pulumi:"name"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput `pulumi:"namespace"` }
A collection of arguments for invoking getOidcOpenidConfig.
func (GetOidcOpenidConfigOutputArgs) ElementType ¶
func (GetOidcOpenidConfigOutputArgs) ElementType() reflect.Type
type GetOidcOpenidConfigResult ¶
type GetOidcOpenidConfigResult struct { // The Authorization Endpoint for the provider. AuthorizationEndpoint string `pulumi:"authorizationEndpoint"` // The grant types supported by the provider. GrantTypesSupporteds []string `pulumi:"grantTypesSupporteds"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The signing algorithms supported by // the provider. IdTokenSigningAlgValuesSupporteds []string `pulumi:"idTokenSigningAlgValuesSupporteds"` // The URL of the issuer for the provider. Issuer string `pulumi:"issuer"` // The well known keys URI for the provider. JwksUri string `pulumi:"jwksUri"` Name string `pulumi:"name"` Namespace *string `pulumi:"namespace"` // Specifies whether Request URI Parameter is // supported by the provider. RequestUriParameterSupported bool `pulumi:"requestUriParameterSupported"` // The response types supported by the provider. ResponseTypesSupporteds []string `pulumi:"responseTypesSupporteds"` // The scopes supported by the provider. ScopesSupporteds []string `pulumi:"scopesSupporteds"` // The subject types supported by the provider. SubjectTypesSupporteds []string `pulumi:"subjectTypesSupporteds"` // The Token Endpoint for the provider. TokenEndpoint string `pulumi:"tokenEndpoint"` // The token endpoint auth methods supported by the provider. TokenEndpointAuthMethodsSupporteds []string `pulumi:"tokenEndpointAuthMethodsSupporteds"` // The User Info Endpoint for the provider UserinfoEndpoint string `pulumi:"userinfoEndpoint"` }
A collection of values returned by getOidcOpenidConfig.
func GetOidcOpenidConfig ¶
func GetOidcOpenidConfig(ctx *pulumi.Context, args *GetOidcOpenidConfigArgs, opts ...pulumi.InvokeOption) (*GetOidcOpenidConfigResult, error)
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{ AllowedClientIds: pulumi.StringArray{ pulumi.String("*"), }, RotationPeriod: pulumi.Int(3600), VerificationTtl: pulumi.Int(3600), }) if err != nil { return err } _, err = identity.NewOidcClient(ctx, "app", &identity.OidcClientArgs{ Key: key.Name, RedirectUris: pulumi.StringArray{ pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"), pulumi.String("http://127.0.0.1:8251/callback"), pulumi.String("http://127.0.0.1:8080/callback"), }, IdTokenTtl: pulumi.Int(2400), AccessTokenTtl: pulumi.Int(7200), }) if err != nil { return err } provider, err := identity.NewOidcProvider(ctx, "provider", &identity.OidcProviderArgs{ AllowedClientIds: pulumi.StringArray{ vault_identity_oidc_client.Test.Client_id, }, }) if err != nil { return err } _ = identity.GetOidcOpenidConfigOutput(ctx, identity.GetOidcOpenidConfigOutputArgs{ Name: provider.Name, }, nil) return nil }) }
``` <!--End PulumiCodeChooser -->
type GetOidcOpenidConfigResultOutput ¶
type GetOidcOpenidConfigResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getOidcOpenidConfig.
func GetOidcOpenidConfigOutput ¶
func GetOidcOpenidConfigOutput(ctx *pulumi.Context, args GetOidcOpenidConfigOutputArgs, opts ...pulumi.InvokeOption) GetOidcOpenidConfigResultOutput
func (GetOidcOpenidConfigResultOutput) AuthorizationEndpoint ¶
func (o GetOidcOpenidConfigResultOutput) AuthorizationEndpoint() pulumi.StringOutput
The Authorization Endpoint for the provider.
func (GetOidcOpenidConfigResultOutput) ElementType ¶
func (GetOidcOpenidConfigResultOutput) ElementType() reflect.Type
func (GetOidcOpenidConfigResultOutput) GrantTypesSupporteds ¶
func (o GetOidcOpenidConfigResultOutput) GrantTypesSupporteds() pulumi.StringArrayOutput
The grant types supported by the provider.
func (GetOidcOpenidConfigResultOutput) Id ¶
func (o GetOidcOpenidConfigResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetOidcOpenidConfigResultOutput) IdTokenSigningAlgValuesSupporteds ¶
func (o GetOidcOpenidConfigResultOutput) IdTokenSigningAlgValuesSupporteds() pulumi.StringArrayOutput
The signing algorithms supported by the provider.
func (GetOidcOpenidConfigResultOutput) Issuer ¶
func (o GetOidcOpenidConfigResultOutput) Issuer() pulumi.StringOutput
The URL of the issuer for the provider.
func (GetOidcOpenidConfigResultOutput) JwksUri ¶
func (o GetOidcOpenidConfigResultOutput) JwksUri() pulumi.StringOutput
The well known keys URI for the provider.
func (GetOidcOpenidConfigResultOutput) Name ¶
func (o GetOidcOpenidConfigResultOutput) Name() pulumi.StringOutput
func (GetOidcOpenidConfigResultOutput) Namespace ¶
func (o GetOidcOpenidConfigResultOutput) Namespace() pulumi.StringPtrOutput
func (GetOidcOpenidConfigResultOutput) RequestUriParameterSupported ¶
func (o GetOidcOpenidConfigResultOutput) RequestUriParameterSupported() pulumi.BoolOutput
Specifies whether Request URI Parameter is supported by the provider.
func (GetOidcOpenidConfigResultOutput) ResponseTypesSupporteds ¶
func (o GetOidcOpenidConfigResultOutput) ResponseTypesSupporteds() pulumi.StringArrayOutput
The response types supported by the provider.
func (GetOidcOpenidConfigResultOutput) ScopesSupporteds ¶
func (o GetOidcOpenidConfigResultOutput) ScopesSupporteds() pulumi.StringArrayOutput
The scopes supported by the provider.
func (GetOidcOpenidConfigResultOutput) SubjectTypesSupporteds ¶
func (o GetOidcOpenidConfigResultOutput) SubjectTypesSupporteds() pulumi.StringArrayOutput
The subject types supported by the provider.
func (GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutput ¶
func (o GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutput() GetOidcOpenidConfigResultOutput
func (GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutputWithContext ¶
func (o GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutputWithContext(ctx context.Context) GetOidcOpenidConfigResultOutput
func (GetOidcOpenidConfigResultOutput) TokenEndpoint ¶
func (o GetOidcOpenidConfigResultOutput) TokenEndpoint() pulumi.StringOutput
The Token Endpoint for the provider.
func (GetOidcOpenidConfigResultOutput) TokenEndpointAuthMethodsSupporteds ¶
func (o GetOidcOpenidConfigResultOutput) TokenEndpointAuthMethodsSupporteds() pulumi.StringArrayOutput
The token endpoint auth methods supported by the provider.
func (GetOidcOpenidConfigResultOutput) UserinfoEndpoint ¶
func (o GetOidcOpenidConfigResultOutput) UserinfoEndpoint() pulumi.StringOutput
The User Info Endpoint for the provider
type GetOidcPublicKeysArgs ¶
type GetOidcPublicKeysArgs struct { // The name of the OIDC Provider in Vault. Name string `pulumi:"name"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` }
A collection of arguments for invoking getOidcPublicKeys.
type GetOidcPublicKeysOutputArgs ¶
type GetOidcPublicKeysOutputArgs struct { // The name of the OIDC Provider in Vault. Name pulumi.StringInput `pulumi:"name"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput `pulumi:"namespace"` }
A collection of arguments for invoking getOidcPublicKeys.
func (GetOidcPublicKeysOutputArgs) ElementType ¶
func (GetOidcPublicKeysOutputArgs) ElementType() reflect.Type
type GetOidcPublicKeysResult ¶
type GetOidcPublicKeysResult struct { // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The public portion of keys for an OIDC provider. // Clients can use them to validate the authenticity of an identity token. Keys []map[string]interface{} `pulumi:"keys"` Name string `pulumi:"name"` Namespace *string `pulumi:"namespace"` }
A collection of values returned by getOidcPublicKeys.
func GetOidcPublicKeys ¶
func GetOidcPublicKeys(ctx *pulumi.Context, args *GetOidcPublicKeysArgs, opts ...pulumi.InvokeOption) (*GetOidcPublicKeysResult, error)
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{ AllowedClientIds: pulumi.StringArray{ pulumi.String("*"), }, RotationPeriod: pulumi.Int(3600), VerificationTtl: pulumi.Int(3600), }) if err != nil { return err } _, err = identity.NewOidcClient(ctx, "app", &identity.OidcClientArgs{ Key: key.Name, RedirectUris: pulumi.StringArray{ pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"), pulumi.String("http://127.0.0.1:8251/callback"), pulumi.String("http://127.0.0.1:8080/callback"), }, IdTokenTtl: pulumi.Int(2400), AccessTokenTtl: pulumi.Int(7200), }) if err != nil { return err } provider, err := identity.NewOidcProvider(ctx, "provider", &identity.OidcProviderArgs{ AllowedClientIds: pulumi.StringArray{ vault_identity_oidc_client.Test.Client_id, }, }) if err != nil { return err } _ = identity.GetOidcPublicKeysOutput(ctx, identity.GetOidcPublicKeysOutputArgs{ Name: provider.Name, }, nil) return nil }) }
``` <!--End PulumiCodeChooser -->
type GetOidcPublicKeysResultOutput ¶
type GetOidcPublicKeysResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getOidcPublicKeys.
func GetOidcPublicKeysOutput ¶
func GetOidcPublicKeysOutput(ctx *pulumi.Context, args GetOidcPublicKeysOutputArgs, opts ...pulumi.InvokeOption) GetOidcPublicKeysResultOutput
func (GetOidcPublicKeysResultOutput) ElementType ¶
func (GetOidcPublicKeysResultOutput) ElementType() reflect.Type
func (GetOidcPublicKeysResultOutput) Id ¶
func (o GetOidcPublicKeysResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetOidcPublicKeysResultOutput) Keys ¶
func (o GetOidcPublicKeysResultOutput) Keys() pulumi.MapArrayOutput
The public portion of keys for an OIDC provider. Clients can use them to validate the authenticity of an identity token.
func (GetOidcPublicKeysResultOutput) Name ¶
func (o GetOidcPublicKeysResultOutput) Name() pulumi.StringOutput
func (GetOidcPublicKeysResultOutput) Namespace ¶
func (o GetOidcPublicKeysResultOutput) Namespace() pulumi.StringPtrOutput
func (GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutput ¶
func (o GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutput() GetOidcPublicKeysResultOutput
func (GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutputWithContext ¶
func (o GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutputWithContext(ctx context.Context) GetOidcPublicKeysResultOutput
type Group ¶
type Group struct { pulumi.CustomResourceState // `false` by default. If set to `true`, this resource will ignore any Entity IDs // returned from Vault or specified in the resource. You can use // `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a // decoupled manner. ExternalMemberEntityIds pulumi.BoolPtrOutput `pulumi:"externalMemberEntityIds"` // `false` by default. If set to `true`, this resource will ignore any Group IDs // returned from Vault or specified in the resource. You can use // `identity.GroupMemberGroupIds` to manage Group IDs for this group in a // decoupled manner. ExternalMemberGroupIds pulumi.BoolPtrOutput `pulumi:"externalMemberGroupIds"` // `false` by default. If set to `true`, this resource will ignore any policies returned from // Vault or specified in the resource. You can use `identity.GroupPolicies` to manage // policies for this group in a decoupled manner. ExternalPolicies pulumi.BoolPtrOutput `pulumi:"externalPolicies"` // A list of Entity IDs to be assigned as group members. Not allowed on `external` groups. MemberEntityIds pulumi.StringArrayOutput `pulumi:"memberEntityIds"` // A list of Group IDs to be assigned as group members. Not allowed on `external` groups. MemberGroupIds pulumi.StringArrayOutput `pulumi:"memberGroupIds"` // A Map of additional metadata to associate with the group. Metadata pulumi.StringMapOutput `pulumi:"metadata"` // Name of the identity group to create. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // A list of policies to apply to the group. Policies pulumi.StringArrayOutput `pulumi:"policies"` // Type of the group, internal or external. Defaults to `internal`. Type pulumi.StringPtrOutput `pulumi:"type"` }
Creates an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
A group can contain multiple entities as its members. A group can also have subgroups. Policies set on the group is granted to all members of the group. During request time, when the token's entity ID is being evaluated for the policies that it has access to; along with the policies on the entity itself, policies that are inherited due to group memberships are also granted.
## Example Usage
### Internal Group
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, Policies: pulumi.StringArray{ pulumi.String("dev"), pulumi.String("test"), }, Type: pulumi.String("internal"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
### External Group
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewGroup(ctx, "group", &identity.GroupArgs{ Metadata: pulumi.StringMap{ "version": pulumi.String("1"), }, Policies: pulumi.StringArray{ pulumi.String("test"), }, Type: pulumi.String("external"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Caveats
It's important to note that Vault identity groups names are *case-insensitive*. For example the following resources would be equivalent. Applying this configuration would result in the provider failing to create one of the identity groups, since the resources share the same `name`.
This sort of pattern should be avoided: <!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewGroup(ctx, "internalIdentity/groupGroup", &identity.GroupArgs{ Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, Policies: pulumi.StringArray{ pulumi.String("dev"), pulumi.String("test"), }, Type: pulumi.String("internal"), }) if err != nil { return err } _, err = identity.NewGroup(ctx, "internalGroup", &identity.GroupArgs{ Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, Policies: pulumi.StringArray{ pulumi.String("dev"), pulumi.String("test"), }, Type: pulumi.String("internal"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Identity group can be imported using the `id`, e.g.
```sh $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3' ```
func GetGroup ¶
func GetGroup(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupState, opts ...pulumi.ResourceOption) (*Group, error)
GetGroup gets an existing Group resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroup ¶
func NewGroup(ctx *pulumi.Context, name string, args *GroupArgs, opts ...pulumi.ResourceOption) (*Group, error)
NewGroup registers a new resource with the given unique name, arguments, and options.
func (*Group) ElementType ¶
func (*Group) ToGroupOutput ¶
func (i *Group) ToGroupOutput() GroupOutput
func (*Group) ToGroupOutputWithContext ¶
func (i *Group) ToGroupOutputWithContext(ctx context.Context) GroupOutput
type GroupAlias ¶
type GroupAlias struct { pulumi.CustomResourceState // ID of the group to which this is an alias. CanonicalId pulumi.StringOutput `pulumi:"canonicalId"` // Mount accessor of the authentication backend to which this alias belongs to. MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"` // Name of the group alias to create. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` }
Creates an Identity Group Alias for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
Group aliases allows entity membership in external groups to be managed semi-automatically. External group serves as a mapping to a group that is outside of the identity store. External groups can have one (and only one) alias. This alias should map to a notion of group that is outside of the identity store. For example, groups in LDAP, and teams in GitHub. A username in LDAP, belonging to a group in LDAP, can get its entity ID added as a member of a group in Vault automatically during logins and token renewals. This works only if the group in Vault is an external group and has an alias that maps to the group in LDAP. If the user is removed from the group in LDAP, that change gets reflected in Vault only upon the subsequent login or renewal operation.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault" "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { group, err := identity.NewGroup(ctx, "group", &identity.GroupArgs{ Type: pulumi.String("external"), Policies: pulumi.StringArray{ pulumi.String("test"), }, }) if err != nil { return err } github, err := vault.NewAuthBackend(ctx, "github", &vault.AuthBackendArgs{ Type: pulumi.String("github"), Path: pulumi.String("github"), }) if err != nil { return err } _, err = identity.NewGroupAlias(ctx, "group-alias", &identity.GroupAliasArgs{ Name: pulumi.String("Github_Team_Slug"), MountAccessor: github.Accessor, CanonicalId: group.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
The group alias can be imported with the group alias `id`, for example:
```sh $ pulumi import vault:identity/groupAlias:GroupAlias group-alias id ```
Group aliases can also be imported using the UUID of the alias record, e.g.
```sh $ pulumi import vault:identity/groupAlias:GroupAlias alias_name 63104e20-88e4-11eb-8d04-cf7ac9d60157 ```
func GetGroupAlias ¶
func GetGroupAlias(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupAliasState, opts ...pulumi.ResourceOption) (*GroupAlias, error)
GetGroupAlias gets an existing GroupAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupAlias ¶
func NewGroupAlias(ctx *pulumi.Context, name string, args *GroupAliasArgs, opts ...pulumi.ResourceOption) (*GroupAlias, error)
NewGroupAlias registers a new resource with the given unique name, arguments, and options.
func (*GroupAlias) ElementType ¶
func (*GroupAlias) ElementType() reflect.Type
func (*GroupAlias) ToGroupAliasOutput ¶
func (i *GroupAlias) ToGroupAliasOutput() GroupAliasOutput
func (*GroupAlias) ToGroupAliasOutputWithContext ¶
func (i *GroupAlias) ToGroupAliasOutputWithContext(ctx context.Context) GroupAliasOutput
type GroupAliasArgs ¶
type GroupAliasArgs struct { // ID of the group to which this is an alias. CanonicalId pulumi.StringInput // Mount accessor of the authentication backend to which this alias belongs to. MountAccessor pulumi.StringInput // Name of the group alias to create. Name pulumi.StringInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
The set of arguments for constructing a GroupAlias resource.
func (GroupAliasArgs) ElementType ¶
func (GroupAliasArgs) ElementType() reflect.Type
type GroupAliasArray ¶
type GroupAliasArray []GroupAliasInput
func (GroupAliasArray) ElementType ¶
func (GroupAliasArray) ElementType() reflect.Type
func (GroupAliasArray) ToGroupAliasArrayOutput ¶
func (i GroupAliasArray) ToGroupAliasArrayOutput() GroupAliasArrayOutput
func (GroupAliasArray) ToGroupAliasArrayOutputWithContext ¶
func (i GroupAliasArray) ToGroupAliasArrayOutputWithContext(ctx context.Context) GroupAliasArrayOutput
type GroupAliasArrayInput ¶
type GroupAliasArrayInput interface { pulumi.Input ToGroupAliasArrayOutput() GroupAliasArrayOutput ToGroupAliasArrayOutputWithContext(context.Context) GroupAliasArrayOutput }
GroupAliasArrayInput is an input type that accepts GroupAliasArray and GroupAliasArrayOutput values. You can construct a concrete instance of `GroupAliasArrayInput` via:
GroupAliasArray{ GroupAliasArgs{...} }
type GroupAliasArrayOutput ¶
type GroupAliasArrayOutput struct{ *pulumi.OutputState }
func (GroupAliasArrayOutput) ElementType ¶
func (GroupAliasArrayOutput) ElementType() reflect.Type
func (GroupAliasArrayOutput) Index ¶
func (o GroupAliasArrayOutput) Index(i pulumi.IntInput) GroupAliasOutput
func (GroupAliasArrayOutput) ToGroupAliasArrayOutput ¶
func (o GroupAliasArrayOutput) ToGroupAliasArrayOutput() GroupAliasArrayOutput
func (GroupAliasArrayOutput) ToGroupAliasArrayOutputWithContext ¶
func (o GroupAliasArrayOutput) ToGroupAliasArrayOutputWithContext(ctx context.Context) GroupAliasArrayOutput
type GroupAliasInput ¶
type GroupAliasInput interface { pulumi.Input ToGroupAliasOutput() GroupAliasOutput ToGroupAliasOutputWithContext(ctx context.Context) GroupAliasOutput }
type GroupAliasMap ¶
type GroupAliasMap map[string]GroupAliasInput
func (GroupAliasMap) ElementType ¶
func (GroupAliasMap) ElementType() reflect.Type
func (GroupAliasMap) ToGroupAliasMapOutput ¶
func (i GroupAliasMap) ToGroupAliasMapOutput() GroupAliasMapOutput
func (GroupAliasMap) ToGroupAliasMapOutputWithContext ¶
func (i GroupAliasMap) ToGroupAliasMapOutputWithContext(ctx context.Context) GroupAliasMapOutput
type GroupAliasMapInput ¶
type GroupAliasMapInput interface { pulumi.Input ToGroupAliasMapOutput() GroupAliasMapOutput ToGroupAliasMapOutputWithContext(context.Context) GroupAliasMapOutput }
GroupAliasMapInput is an input type that accepts GroupAliasMap and GroupAliasMapOutput values. You can construct a concrete instance of `GroupAliasMapInput` via:
GroupAliasMap{ "key": GroupAliasArgs{...} }
type GroupAliasMapOutput ¶
type GroupAliasMapOutput struct{ *pulumi.OutputState }
func (GroupAliasMapOutput) ElementType ¶
func (GroupAliasMapOutput) ElementType() reflect.Type
func (GroupAliasMapOutput) MapIndex ¶
func (o GroupAliasMapOutput) MapIndex(k pulumi.StringInput) GroupAliasOutput
func (GroupAliasMapOutput) ToGroupAliasMapOutput ¶
func (o GroupAliasMapOutput) ToGroupAliasMapOutput() GroupAliasMapOutput
func (GroupAliasMapOutput) ToGroupAliasMapOutputWithContext ¶
func (o GroupAliasMapOutput) ToGroupAliasMapOutputWithContext(ctx context.Context) GroupAliasMapOutput
type GroupAliasOutput ¶
type GroupAliasOutput struct{ *pulumi.OutputState }
func (GroupAliasOutput) CanonicalId ¶
func (o GroupAliasOutput) CanonicalId() pulumi.StringOutput
ID of the group to which this is an alias.
func (GroupAliasOutput) ElementType ¶
func (GroupAliasOutput) ElementType() reflect.Type
func (GroupAliasOutput) MountAccessor ¶
func (o GroupAliasOutput) MountAccessor() pulumi.StringOutput
Mount accessor of the authentication backend to which this alias belongs to.
func (GroupAliasOutput) Name ¶
func (o GroupAliasOutput) Name() pulumi.StringOutput
Name of the group alias to create.
func (GroupAliasOutput) Namespace ¶
func (o GroupAliasOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (GroupAliasOutput) ToGroupAliasOutput ¶
func (o GroupAliasOutput) ToGroupAliasOutput() GroupAliasOutput
func (GroupAliasOutput) ToGroupAliasOutputWithContext ¶
func (o GroupAliasOutput) ToGroupAliasOutputWithContext(ctx context.Context) GroupAliasOutput
type GroupAliasState ¶
type GroupAliasState struct { // ID of the group to which this is an alias. CanonicalId pulumi.StringPtrInput // Mount accessor of the authentication backend to which this alias belongs to. MountAccessor pulumi.StringPtrInput // Name of the group alias to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
func (GroupAliasState) ElementType ¶
func (GroupAliasState) ElementType() reflect.Type
type GroupArgs ¶
type GroupArgs struct { // `false` by default. If set to `true`, this resource will ignore any Entity IDs // returned from Vault or specified in the resource. You can use // `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a // decoupled manner. ExternalMemberEntityIds pulumi.BoolPtrInput // `false` by default. If set to `true`, this resource will ignore any Group IDs // returned from Vault or specified in the resource. You can use // `identity.GroupMemberGroupIds` to manage Group IDs for this group in a // decoupled manner. ExternalMemberGroupIds pulumi.BoolPtrInput // `false` by default. If set to `true`, this resource will ignore any policies returned from // Vault or specified in the resource. You can use `identity.GroupPolicies` to manage // policies for this group in a decoupled manner. ExternalPolicies pulumi.BoolPtrInput // A list of Entity IDs to be assigned as group members. Not allowed on `external` groups. MemberEntityIds pulumi.StringArrayInput // A list of Group IDs to be assigned as group members. Not allowed on `external` groups. MemberGroupIds pulumi.StringArrayInput // A Map of additional metadata to associate with the group. Metadata pulumi.StringMapInput // Name of the identity group to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // A list of policies to apply to the group. Policies pulumi.StringArrayInput // Type of the group, internal or external. Defaults to `internal`. Type pulumi.StringPtrInput }
The set of arguments for constructing a Group resource.
func (GroupArgs) ElementType ¶
type GroupArray ¶
type GroupArray []GroupInput
func (GroupArray) ElementType ¶
func (GroupArray) ElementType() reflect.Type
func (GroupArray) ToGroupArrayOutput ¶
func (i GroupArray) ToGroupArrayOutput() GroupArrayOutput
func (GroupArray) ToGroupArrayOutputWithContext ¶
func (i GroupArray) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput
type GroupArrayInput ¶
type GroupArrayInput interface { pulumi.Input ToGroupArrayOutput() GroupArrayOutput ToGroupArrayOutputWithContext(context.Context) GroupArrayOutput }
GroupArrayInput is an input type that accepts GroupArray and GroupArrayOutput values. You can construct a concrete instance of `GroupArrayInput` via:
GroupArray{ GroupArgs{...} }
type GroupArrayOutput ¶
type GroupArrayOutput struct{ *pulumi.OutputState }
func (GroupArrayOutput) ElementType ¶
func (GroupArrayOutput) ElementType() reflect.Type
func (GroupArrayOutput) Index ¶
func (o GroupArrayOutput) Index(i pulumi.IntInput) GroupOutput
func (GroupArrayOutput) ToGroupArrayOutput ¶
func (o GroupArrayOutput) ToGroupArrayOutput() GroupArrayOutput
func (GroupArrayOutput) ToGroupArrayOutputWithContext ¶
func (o GroupArrayOutput) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput
type GroupInput ¶
type GroupInput interface { pulumi.Input ToGroupOutput() GroupOutput ToGroupOutputWithContext(ctx context.Context) GroupOutput }
type GroupMap ¶
type GroupMap map[string]GroupInput
func (GroupMap) ElementType ¶
func (GroupMap) ToGroupMapOutput ¶
func (i GroupMap) ToGroupMapOutput() GroupMapOutput
func (GroupMap) ToGroupMapOutputWithContext ¶
func (i GroupMap) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput
type GroupMapInput ¶
type GroupMapInput interface { pulumi.Input ToGroupMapOutput() GroupMapOutput ToGroupMapOutputWithContext(context.Context) GroupMapOutput }
GroupMapInput is an input type that accepts GroupMap and GroupMapOutput values. You can construct a concrete instance of `GroupMapInput` via:
GroupMap{ "key": GroupArgs{...} }
type GroupMapOutput ¶
type GroupMapOutput struct{ *pulumi.OutputState }
func (GroupMapOutput) ElementType ¶
func (GroupMapOutput) ElementType() reflect.Type
func (GroupMapOutput) MapIndex ¶
func (o GroupMapOutput) MapIndex(k pulumi.StringInput) GroupOutput
func (GroupMapOutput) ToGroupMapOutput ¶
func (o GroupMapOutput) ToGroupMapOutput() GroupMapOutput
func (GroupMapOutput) ToGroupMapOutputWithContext ¶
func (o GroupMapOutput) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput
type GroupMemberEntityIds ¶
type GroupMemberEntityIds struct { pulumi.CustomResourceState // Defaults to `true`. // // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId pulumi.StringOutput `pulumi:"groupId"` // List of member entities that belong to the group MemberEntityIds pulumi.StringArrayOutput `pulumi:"memberEntityIds"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` }
Manages member entities for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
## Example Usage
### Exclusive Member Entities
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Type: pulumi.String("internal"), ExternalMemberEntityIds: pulumi.Bool(true), Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } user, err := identity.NewEntity(ctx, "user", nil) if err != nil { return err } _, err = identity.NewGroupMemberEntityIds(ctx, "members", &identity.GroupMemberEntityIdsArgs{ Exclusive: pulumi.Bool(true), MemberEntityIds: pulumi.StringArray{ user.ID(), }, GroupId: internal.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
### Non-exclusive Member Entities
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Type: pulumi.String("internal"), ExternalMemberEntityIds: pulumi.Bool(true), Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } testUser, err := identity.NewEntity(ctx, "testUser", nil) if err != nil { return err } secondTestUser, err := identity.NewEntity(ctx, "secondTestUser", nil) if err != nil { return err } devUser, err := identity.NewEntity(ctx, "devUser", nil) if err != nil { return err } _, err = identity.NewGroupMemberEntityIds(ctx, "test", &identity.GroupMemberEntityIdsArgs{ MemberEntityIds: pulumi.StringArray{ testUser.ID(), secondTestUser.ID(), }, Exclusive: pulumi.Bool(false), GroupId: internal.ID(), }) if err != nil { return err } _, err = identity.NewGroupMemberEntityIds(ctx, "others", &identity.GroupMemberEntityIdsArgs{ MemberEntityIds: pulumi.StringArray{ devUser.ID(), }, Exclusive: pulumi.Bool(false), GroupId: internal.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetGroupMemberEntityIds ¶
func GetGroupMemberEntityIds(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupMemberEntityIdsState, opts ...pulumi.ResourceOption) (*GroupMemberEntityIds, error)
GetGroupMemberEntityIds gets an existing GroupMemberEntityIds resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupMemberEntityIds ¶
func NewGroupMemberEntityIds(ctx *pulumi.Context, name string, args *GroupMemberEntityIdsArgs, opts ...pulumi.ResourceOption) (*GroupMemberEntityIds, error)
NewGroupMemberEntityIds registers a new resource with the given unique name, arguments, and options.
func (*GroupMemberEntityIds) ElementType ¶
func (*GroupMemberEntityIds) ElementType() reflect.Type
func (*GroupMemberEntityIds) ToGroupMemberEntityIdsOutput ¶
func (i *GroupMemberEntityIds) ToGroupMemberEntityIdsOutput() GroupMemberEntityIdsOutput
func (*GroupMemberEntityIds) ToGroupMemberEntityIdsOutputWithContext ¶
func (i *GroupMemberEntityIds) ToGroupMemberEntityIdsOutputWithContext(ctx context.Context) GroupMemberEntityIdsOutput
type GroupMemberEntityIdsArgs ¶
type GroupMemberEntityIdsArgs struct { // Defaults to `true`. // // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringInput // List of member entities that belong to the group MemberEntityIds pulumi.StringArrayInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
The set of arguments for constructing a GroupMemberEntityIds resource.
func (GroupMemberEntityIdsArgs) ElementType ¶
func (GroupMemberEntityIdsArgs) ElementType() reflect.Type
type GroupMemberEntityIdsArray ¶
type GroupMemberEntityIdsArray []GroupMemberEntityIdsInput
func (GroupMemberEntityIdsArray) ElementType ¶
func (GroupMemberEntityIdsArray) ElementType() reflect.Type
func (GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutput ¶
func (i GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutput() GroupMemberEntityIdsArrayOutput
func (GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutputWithContext ¶
func (i GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutputWithContext(ctx context.Context) GroupMemberEntityIdsArrayOutput
type GroupMemberEntityIdsArrayInput ¶
type GroupMemberEntityIdsArrayInput interface { pulumi.Input ToGroupMemberEntityIdsArrayOutput() GroupMemberEntityIdsArrayOutput ToGroupMemberEntityIdsArrayOutputWithContext(context.Context) GroupMemberEntityIdsArrayOutput }
GroupMemberEntityIdsArrayInput is an input type that accepts GroupMemberEntityIdsArray and GroupMemberEntityIdsArrayOutput values. You can construct a concrete instance of `GroupMemberEntityIdsArrayInput` via:
GroupMemberEntityIdsArray{ GroupMemberEntityIdsArgs{...} }
type GroupMemberEntityIdsArrayOutput ¶
type GroupMemberEntityIdsArrayOutput struct{ *pulumi.OutputState }
func (GroupMemberEntityIdsArrayOutput) ElementType ¶
func (GroupMemberEntityIdsArrayOutput) ElementType() reflect.Type
func (GroupMemberEntityIdsArrayOutput) Index ¶
func (o GroupMemberEntityIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberEntityIdsOutput
func (GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutput ¶
func (o GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutput() GroupMemberEntityIdsArrayOutput
func (GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutputWithContext ¶
func (o GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutputWithContext(ctx context.Context) GroupMemberEntityIdsArrayOutput
type GroupMemberEntityIdsInput ¶
type GroupMemberEntityIdsInput interface { pulumi.Input ToGroupMemberEntityIdsOutput() GroupMemberEntityIdsOutput ToGroupMemberEntityIdsOutputWithContext(ctx context.Context) GroupMemberEntityIdsOutput }
type GroupMemberEntityIdsMap ¶
type GroupMemberEntityIdsMap map[string]GroupMemberEntityIdsInput
func (GroupMemberEntityIdsMap) ElementType ¶
func (GroupMemberEntityIdsMap) ElementType() reflect.Type
func (GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutput ¶
func (i GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutput() GroupMemberEntityIdsMapOutput
func (GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutputWithContext ¶
func (i GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutputWithContext(ctx context.Context) GroupMemberEntityIdsMapOutput
type GroupMemberEntityIdsMapInput ¶
type GroupMemberEntityIdsMapInput interface { pulumi.Input ToGroupMemberEntityIdsMapOutput() GroupMemberEntityIdsMapOutput ToGroupMemberEntityIdsMapOutputWithContext(context.Context) GroupMemberEntityIdsMapOutput }
GroupMemberEntityIdsMapInput is an input type that accepts GroupMemberEntityIdsMap and GroupMemberEntityIdsMapOutput values. You can construct a concrete instance of `GroupMemberEntityIdsMapInput` via:
GroupMemberEntityIdsMap{ "key": GroupMemberEntityIdsArgs{...} }
type GroupMemberEntityIdsMapOutput ¶
type GroupMemberEntityIdsMapOutput struct{ *pulumi.OutputState }
func (GroupMemberEntityIdsMapOutput) ElementType ¶
func (GroupMemberEntityIdsMapOutput) ElementType() reflect.Type
func (GroupMemberEntityIdsMapOutput) MapIndex ¶
func (o GroupMemberEntityIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberEntityIdsOutput
func (GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutput ¶
func (o GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutput() GroupMemberEntityIdsMapOutput
func (GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutputWithContext ¶
func (o GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutputWithContext(ctx context.Context) GroupMemberEntityIdsMapOutput
type GroupMemberEntityIdsOutput ¶
type GroupMemberEntityIdsOutput struct{ *pulumi.OutputState }
func (GroupMemberEntityIdsOutput) ElementType ¶
func (GroupMemberEntityIdsOutput) ElementType() reflect.Type
func (GroupMemberEntityIdsOutput) Exclusive ¶
func (o GroupMemberEntityIdsOutput) Exclusive() pulumi.BoolPtrOutput
Defaults to `true`.
If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.
If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.
func (GroupMemberEntityIdsOutput) GroupId ¶
func (o GroupMemberEntityIdsOutput) GroupId() pulumi.StringOutput
Group ID to assign member entities to.
func (GroupMemberEntityIdsOutput) MemberEntityIds ¶
func (o GroupMemberEntityIdsOutput) MemberEntityIds() pulumi.StringArrayOutput
List of member entities that belong to the group
func (GroupMemberEntityIdsOutput) Namespace ¶
func (o GroupMemberEntityIdsOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutput ¶
func (o GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutput() GroupMemberEntityIdsOutput
func (GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutputWithContext ¶
func (o GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutputWithContext(ctx context.Context) GroupMemberEntityIdsOutput
type GroupMemberEntityIdsState ¶
type GroupMemberEntityIdsState struct { // Defaults to `true`. // // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringPtrInput // List of member entities that belong to the group MemberEntityIds pulumi.StringArrayInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
func (GroupMemberEntityIdsState) ElementType ¶
func (GroupMemberEntityIdsState) ElementType() reflect.Type
type GroupMemberGroupIds ¶
type GroupMemberGroupIds struct { pulumi.CustomResourceState // Defaults to `true`. // // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set // it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource // are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId pulumi.StringOutput `pulumi:"groupId"` // List of member groups that belong to the group MemberGroupIds pulumi.StringArrayOutput `pulumi:"memberGroupIds"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` }
Manages member groups for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
## Example Usage
### Exclusive Member Groups
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Type: pulumi.String("internal"), ExternalMemberGroupIds: pulumi.Bool(true), Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } users, err := identity.NewGroup(ctx, "users", &identity.GroupArgs{ Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } _, err = identity.NewGroupMemberGroupIds(ctx, "members", &identity.GroupMemberGroupIdsArgs{ Exclusive: pulumi.Bool(true), MemberGroupIds: pulumi.StringArray{ users.ID(), }, GroupId: internal.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
### Non-Exclusive Member Groups
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Type: pulumi.String("internal"), ExternalMemberGroupIds: pulumi.Bool(true), Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } users, err := identity.NewGroup(ctx, "users", &identity.GroupArgs{ Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } _, err = identity.NewGroupMemberGroupIds(ctx, "members", &identity.GroupMemberGroupIdsArgs{ Exclusive: pulumi.Bool(false), MemberGroupIds: pulumi.StringArray{ users.ID(), }, GroupId: internal.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetGroupMemberGroupIds ¶
func GetGroupMemberGroupIds(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupMemberGroupIdsState, opts ...pulumi.ResourceOption) (*GroupMemberGroupIds, error)
GetGroupMemberGroupIds gets an existing GroupMemberGroupIds resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupMemberGroupIds ¶
func NewGroupMemberGroupIds(ctx *pulumi.Context, name string, args *GroupMemberGroupIdsArgs, opts ...pulumi.ResourceOption) (*GroupMemberGroupIds, error)
NewGroupMemberGroupIds registers a new resource with the given unique name, arguments, and options.
func (*GroupMemberGroupIds) ElementType ¶
func (*GroupMemberGroupIds) ElementType() reflect.Type
func (*GroupMemberGroupIds) ToGroupMemberGroupIdsOutput ¶
func (i *GroupMemberGroupIds) ToGroupMemberGroupIdsOutput() GroupMemberGroupIdsOutput
func (*GroupMemberGroupIds) ToGroupMemberGroupIdsOutputWithContext ¶
func (i *GroupMemberGroupIds) ToGroupMemberGroupIdsOutputWithContext(ctx context.Context) GroupMemberGroupIdsOutput
type GroupMemberGroupIdsArgs ¶
type GroupMemberGroupIdsArgs struct { // Defaults to `true`. // // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set // it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource // are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringInput // List of member groups that belong to the group MemberGroupIds pulumi.StringArrayInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
The set of arguments for constructing a GroupMemberGroupIds resource.
func (GroupMemberGroupIdsArgs) ElementType ¶
func (GroupMemberGroupIdsArgs) ElementType() reflect.Type
type GroupMemberGroupIdsArray ¶
type GroupMemberGroupIdsArray []GroupMemberGroupIdsInput
func (GroupMemberGroupIdsArray) ElementType ¶
func (GroupMemberGroupIdsArray) ElementType() reflect.Type
func (GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutput ¶
func (i GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutput() GroupMemberGroupIdsArrayOutput
func (GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutputWithContext ¶
func (i GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutputWithContext(ctx context.Context) GroupMemberGroupIdsArrayOutput
type GroupMemberGroupIdsArrayInput ¶
type GroupMemberGroupIdsArrayInput interface { pulumi.Input ToGroupMemberGroupIdsArrayOutput() GroupMemberGroupIdsArrayOutput ToGroupMemberGroupIdsArrayOutputWithContext(context.Context) GroupMemberGroupIdsArrayOutput }
GroupMemberGroupIdsArrayInput is an input type that accepts GroupMemberGroupIdsArray and GroupMemberGroupIdsArrayOutput values. You can construct a concrete instance of `GroupMemberGroupIdsArrayInput` via:
GroupMemberGroupIdsArray{ GroupMemberGroupIdsArgs{...} }
type GroupMemberGroupIdsArrayOutput ¶
type GroupMemberGroupIdsArrayOutput struct{ *pulumi.OutputState }
func (GroupMemberGroupIdsArrayOutput) ElementType ¶
func (GroupMemberGroupIdsArrayOutput) ElementType() reflect.Type
func (GroupMemberGroupIdsArrayOutput) Index ¶
func (o GroupMemberGroupIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberGroupIdsOutput
func (GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutput ¶
func (o GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutput() GroupMemberGroupIdsArrayOutput
func (GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutputWithContext ¶
func (o GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutputWithContext(ctx context.Context) GroupMemberGroupIdsArrayOutput
type GroupMemberGroupIdsInput ¶
type GroupMemberGroupIdsInput interface { pulumi.Input ToGroupMemberGroupIdsOutput() GroupMemberGroupIdsOutput ToGroupMemberGroupIdsOutputWithContext(ctx context.Context) GroupMemberGroupIdsOutput }
type GroupMemberGroupIdsMap ¶
type GroupMemberGroupIdsMap map[string]GroupMemberGroupIdsInput
func (GroupMemberGroupIdsMap) ElementType ¶
func (GroupMemberGroupIdsMap) ElementType() reflect.Type
func (GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutput ¶
func (i GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutput() GroupMemberGroupIdsMapOutput
func (GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutputWithContext ¶
func (i GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutputWithContext(ctx context.Context) GroupMemberGroupIdsMapOutput
type GroupMemberGroupIdsMapInput ¶
type GroupMemberGroupIdsMapInput interface { pulumi.Input ToGroupMemberGroupIdsMapOutput() GroupMemberGroupIdsMapOutput ToGroupMemberGroupIdsMapOutputWithContext(context.Context) GroupMemberGroupIdsMapOutput }
GroupMemberGroupIdsMapInput is an input type that accepts GroupMemberGroupIdsMap and GroupMemberGroupIdsMapOutput values. You can construct a concrete instance of `GroupMemberGroupIdsMapInput` via:
GroupMemberGroupIdsMap{ "key": GroupMemberGroupIdsArgs{...} }
type GroupMemberGroupIdsMapOutput ¶
type GroupMemberGroupIdsMapOutput struct{ *pulumi.OutputState }
func (GroupMemberGroupIdsMapOutput) ElementType ¶
func (GroupMemberGroupIdsMapOutput) ElementType() reflect.Type
func (GroupMemberGroupIdsMapOutput) MapIndex ¶
func (o GroupMemberGroupIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberGroupIdsOutput
func (GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutput ¶
func (o GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutput() GroupMemberGroupIdsMapOutput
func (GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutputWithContext ¶
func (o GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutputWithContext(ctx context.Context) GroupMemberGroupIdsMapOutput
type GroupMemberGroupIdsOutput ¶
type GroupMemberGroupIdsOutput struct{ *pulumi.OutputState }
func (GroupMemberGroupIdsOutput) ElementType ¶
func (GroupMemberGroupIdsOutput) ElementType() reflect.Type
func (GroupMemberGroupIdsOutput) Exclusive ¶
func (o GroupMemberGroupIdsOutput) Exclusive() pulumi.BoolPtrOutput
Defaults to `true`.
If `true`, this resource will take exclusive control of the member groups that belong to the group and will set it equal to what is specified in the resource.
If set to `false`, this resource will simply ensure that the member groups specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource are removed.
func (GroupMemberGroupIdsOutput) GroupId ¶
func (o GroupMemberGroupIdsOutput) GroupId() pulumi.StringOutput
Group ID to assign member entities to.
func (GroupMemberGroupIdsOutput) MemberGroupIds ¶
func (o GroupMemberGroupIdsOutput) MemberGroupIds() pulumi.StringArrayOutput
List of member groups that belong to the group
func (GroupMemberGroupIdsOutput) Namespace ¶
func (o GroupMemberGroupIdsOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutput ¶
func (o GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutput() GroupMemberGroupIdsOutput
func (GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutputWithContext ¶
func (o GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutputWithContext(ctx context.Context) GroupMemberGroupIdsOutput
type GroupMemberGroupIdsState ¶
type GroupMemberGroupIdsState struct { // Defaults to `true`. // // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set // it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource // are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringPtrInput // List of member groups that belong to the group MemberGroupIds pulumi.StringArrayInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
func (GroupMemberGroupIdsState) ElementType ¶
func (GroupMemberGroupIdsState) ElementType() reflect.Type
type GroupOutput ¶
type GroupOutput struct{ *pulumi.OutputState }
func (GroupOutput) ElementType ¶
func (GroupOutput) ElementType() reflect.Type
func (GroupOutput) ExternalMemberEntityIds ¶
func (o GroupOutput) ExternalMemberEntityIds() pulumi.BoolPtrOutput
`false` by default. If set to `true`, this resource will ignore any Entity IDs returned from Vault or specified in the resource. You can use `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a decoupled manner.
func (GroupOutput) ExternalMemberGroupIds ¶
func (o GroupOutput) ExternalMemberGroupIds() pulumi.BoolPtrOutput
`false` by default. If set to `true`, this resource will ignore any Group IDs returned from Vault or specified in the resource. You can use `identity.GroupMemberGroupIds` to manage Group IDs for this group in a decoupled manner.
func (GroupOutput) ExternalPolicies ¶
func (o GroupOutput) ExternalPolicies() pulumi.BoolPtrOutput
`false` by default. If set to `true`, this resource will ignore any policies returned from Vault or specified in the resource. You can use `identity.GroupPolicies` to manage policies for this group in a decoupled manner.
func (GroupOutput) MemberEntityIds ¶
func (o GroupOutput) MemberEntityIds() pulumi.StringArrayOutput
A list of Entity IDs to be assigned as group members. Not allowed on `external` groups.
func (GroupOutput) MemberGroupIds ¶
func (o GroupOutput) MemberGroupIds() pulumi.StringArrayOutput
A list of Group IDs to be assigned as group members. Not allowed on `external` groups.
func (GroupOutput) Metadata ¶
func (o GroupOutput) Metadata() pulumi.StringMapOutput
A Map of additional metadata to associate with the group.
func (GroupOutput) Name ¶
func (o GroupOutput) Name() pulumi.StringOutput
Name of the identity group to create.
func (GroupOutput) Namespace ¶
func (o GroupOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (GroupOutput) Policies ¶
func (o GroupOutput) Policies() pulumi.StringArrayOutput
A list of policies to apply to the group.
func (GroupOutput) ToGroupOutput ¶
func (o GroupOutput) ToGroupOutput() GroupOutput
func (GroupOutput) ToGroupOutputWithContext ¶
func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput
func (GroupOutput) Type ¶
func (o GroupOutput) Type() pulumi.StringPtrOutput
Type of the group, internal or external. Defaults to `internal`.
type GroupPolicies ¶
type GroupPolicies struct { pulumi.CustomResourceState // Defaults to `true`. // // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // Group ID to assign policies to. GroupId pulumi.StringOutput `pulumi:"groupId"` // The name of the group that are assigned the policies. GroupName pulumi.StringOutput `pulumi:"groupName"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // List of policies to assign to the group Policies pulumi.StringArrayOutput `pulumi:"policies"` }
Manages policies for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
## Example Usage
### Exclusive Policies
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Type: pulumi.String("internal"), ExternalPolicies: pulumi.Bool(true), Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } _, err = identity.NewGroupPolicies(ctx, "policies", &identity.GroupPoliciesArgs{ Policies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("test"), }, Exclusive: pulumi.Bool(true), GroupId: internal.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
### Non-exclusive Policies
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Type: pulumi.String("internal"), ExternalPolicies: pulumi.Bool(true), Metadata: pulumi.StringMap{ "version": pulumi.String("2"), }, }) if err != nil { return err } _, err = identity.NewGroupPolicies(ctx, "default", &identity.GroupPoliciesArgs{ Policies: pulumi.StringArray{ pulumi.String("default"), pulumi.String("test"), }, Exclusive: pulumi.Bool(false), GroupId: internal.ID(), }) if err != nil { return err } _, err = identity.NewGroupPolicies(ctx, "others", &identity.GroupPoliciesArgs{ Policies: pulumi.StringArray{ pulumi.String("others"), }, Exclusive: pulumi.Bool(false), GroupId: internal.ID(), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetGroupPolicies ¶
func GetGroupPolicies(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupPoliciesState, opts ...pulumi.ResourceOption) (*GroupPolicies, error)
GetGroupPolicies gets an existing GroupPolicies resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupPolicies ¶
func NewGroupPolicies(ctx *pulumi.Context, name string, args *GroupPoliciesArgs, opts ...pulumi.ResourceOption) (*GroupPolicies, error)
NewGroupPolicies registers a new resource with the given unique name, arguments, and options.
func (*GroupPolicies) ElementType ¶
func (*GroupPolicies) ElementType() reflect.Type
func (*GroupPolicies) ToGroupPoliciesOutput ¶
func (i *GroupPolicies) ToGroupPoliciesOutput() GroupPoliciesOutput
func (*GroupPolicies) ToGroupPoliciesOutputWithContext ¶
func (i *GroupPolicies) ToGroupPoliciesOutputWithContext(ctx context.Context) GroupPoliciesOutput
type GroupPoliciesArgs ¶
type GroupPoliciesArgs struct { // Defaults to `true`. // // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign policies to. GroupId pulumi.StringInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // List of policies to assign to the group Policies pulumi.StringArrayInput }
The set of arguments for constructing a GroupPolicies resource.
func (GroupPoliciesArgs) ElementType ¶
func (GroupPoliciesArgs) ElementType() reflect.Type
type GroupPoliciesArray ¶
type GroupPoliciesArray []GroupPoliciesInput
func (GroupPoliciesArray) ElementType ¶
func (GroupPoliciesArray) ElementType() reflect.Type
func (GroupPoliciesArray) ToGroupPoliciesArrayOutput ¶
func (i GroupPoliciesArray) ToGroupPoliciesArrayOutput() GroupPoliciesArrayOutput
func (GroupPoliciesArray) ToGroupPoliciesArrayOutputWithContext ¶
func (i GroupPoliciesArray) ToGroupPoliciesArrayOutputWithContext(ctx context.Context) GroupPoliciesArrayOutput
type GroupPoliciesArrayInput ¶
type GroupPoliciesArrayInput interface { pulumi.Input ToGroupPoliciesArrayOutput() GroupPoliciesArrayOutput ToGroupPoliciesArrayOutputWithContext(context.Context) GroupPoliciesArrayOutput }
GroupPoliciesArrayInput is an input type that accepts GroupPoliciesArray and GroupPoliciesArrayOutput values. You can construct a concrete instance of `GroupPoliciesArrayInput` via:
GroupPoliciesArray{ GroupPoliciesArgs{...} }
type GroupPoliciesArrayOutput ¶
type GroupPoliciesArrayOutput struct{ *pulumi.OutputState }
func (GroupPoliciesArrayOutput) ElementType ¶
func (GroupPoliciesArrayOutput) ElementType() reflect.Type
func (GroupPoliciesArrayOutput) Index ¶
func (o GroupPoliciesArrayOutput) Index(i pulumi.IntInput) GroupPoliciesOutput
func (GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutput ¶
func (o GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutput() GroupPoliciesArrayOutput
func (GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutputWithContext ¶
func (o GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutputWithContext(ctx context.Context) GroupPoliciesArrayOutput
type GroupPoliciesInput ¶
type GroupPoliciesInput interface { pulumi.Input ToGroupPoliciesOutput() GroupPoliciesOutput ToGroupPoliciesOutputWithContext(ctx context.Context) GroupPoliciesOutput }
type GroupPoliciesMap ¶
type GroupPoliciesMap map[string]GroupPoliciesInput
func (GroupPoliciesMap) ElementType ¶
func (GroupPoliciesMap) ElementType() reflect.Type
func (GroupPoliciesMap) ToGroupPoliciesMapOutput ¶
func (i GroupPoliciesMap) ToGroupPoliciesMapOutput() GroupPoliciesMapOutput
func (GroupPoliciesMap) ToGroupPoliciesMapOutputWithContext ¶
func (i GroupPoliciesMap) ToGroupPoliciesMapOutputWithContext(ctx context.Context) GroupPoliciesMapOutput
type GroupPoliciesMapInput ¶
type GroupPoliciesMapInput interface { pulumi.Input ToGroupPoliciesMapOutput() GroupPoliciesMapOutput ToGroupPoliciesMapOutputWithContext(context.Context) GroupPoliciesMapOutput }
GroupPoliciesMapInput is an input type that accepts GroupPoliciesMap and GroupPoliciesMapOutput values. You can construct a concrete instance of `GroupPoliciesMapInput` via:
GroupPoliciesMap{ "key": GroupPoliciesArgs{...} }
type GroupPoliciesMapOutput ¶
type GroupPoliciesMapOutput struct{ *pulumi.OutputState }
func (GroupPoliciesMapOutput) ElementType ¶
func (GroupPoliciesMapOutput) ElementType() reflect.Type
func (GroupPoliciesMapOutput) MapIndex ¶
func (o GroupPoliciesMapOutput) MapIndex(k pulumi.StringInput) GroupPoliciesOutput
func (GroupPoliciesMapOutput) ToGroupPoliciesMapOutput ¶
func (o GroupPoliciesMapOutput) ToGroupPoliciesMapOutput() GroupPoliciesMapOutput
func (GroupPoliciesMapOutput) ToGroupPoliciesMapOutputWithContext ¶
func (o GroupPoliciesMapOutput) ToGroupPoliciesMapOutputWithContext(ctx context.Context) GroupPoliciesMapOutput
type GroupPoliciesOutput ¶
type GroupPoliciesOutput struct{ *pulumi.OutputState }
func (GroupPoliciesOutput) ElementType ¶
func (GroupPoliciesOutput) ElementType() reflect.Type
func (GroupPoliciesOutput) Exclusive ¶
func (o GroupPoliciesOutput) Exclusive() pulumi.BoolPtrOutput
Defaults to `true`.
If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
func (GroupPoliciesOutput) GroupId ¶
func (o GroupPoliciesOutput) GroupId() pulumi.StringOutput
Group ID to assign policies to.
func (GroupPoliciesOutput) GroupName ¶
func (o GroupPoliciesOutput) GroupName() pulumi.StringOutput
The name of the group that are assigned the policies.
func (GroupPoliciesOutput) Namespace ¶
func (o GroupPoliciesOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (GroupPoliciesOutput) Policies ¶
func (o GroupPoliciesOutput) Policies() pulumi.StringArrayOutput
List of policies to assign to the group
func (GroupPoliciesOutput) ToGroupPoliciesOutput ¶
func (o GroupPoliciesOutput) ToGroupPoliciesOutput() GroupPoliciesOutput
func (GroupPoliciesOutput) ToGroupPoliciesOutputWithContext ¶
func (o GroupPoliciesOutput) ToGroupPoliciesOutputWithContext(ctx context.Context) GroupPoliciesOutput
type GroupPoliciesState ¶
type GroupPoliciesState struct { // Defaults to `true`. // // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. // // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign policies to. GroupId pulumi.StringPtrInput // The name of the group that are assigned the policies. GroupName pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // List of policies to assign to the group Policies pulumi.StringArrayInput }
func (GroupPoliciesState) ElementType ¶
func (GroupPoliciesState) ElementType() reflect.Type
type GroupState ¶
type GroupState struct { // `false` by default. If set to `true`, this resource will ignore any Entity IDs // returned from Vault or specified in the resource. You can use // `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a // decoupled manner. ExternalMemberEntityIds pulumi.BoolPtrInput // `false` by default. If set to `true`, this resource will ignore any Group IDs // returned from Vault or specified in the resource. You can use // `identity.GroupMemberGroupIds` to manage Group IDs for this group in a // decoupled manner. ExternalMemberGroupIds pulumi.BoolPtrInput // `false` by default. If set to `true`, this resource will ignore any policies returned from // Vault or specified in the resource. You can use `identity.GroupPolicies` to manage // policies for this group in a decoupled manner. ExternalPolicies pulumi.BoolPtrInput // A list of Entity IDs to be assigned as group members. Not allowed on `external` groups. MemberEntityIds pulumi.StringArrayInput // A list of Group IDs to be assigned as group members. Not allowed on `external` groups. MemberGroupIds pulumi.StringArrayInput // A Map of additional metadata to associate with the group. Metadata pulumi.StringMapInput // Name of the identity group to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // A list of policies to apply to the group. Policies pulumi.StringArrayInput // Type of the group, internal or external. Defaults to `internal`. Type pulumi.StringPtrInput }
func (GroupState) ElementType ¶
func (GroupState) ElementType() reflect.Type
type LookupEntityArgs ¶
type LookupEntityArgs struct { // ID of the alias. AliasId *string `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. // // The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of // `aliasName` and `aliasMountAccessor`. AliasMountAccessor *string `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. AliasName *string `pulumi:"aliasName"` // ID of the entity. EntityId *string `pulumi:"entityId"` // Name of the entity. EntityName *string `pulumi:"entityName"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` }
A collection of arguments for invoking getEntity.
type LookupEntityOutputArgs ¶
type LookupEntityOutputArgs struct { // ID of the alias. AliasId pulumi.StringPtrInput `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. // // The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of // `aliasName` and `aliasMountAccessor`. AliasMountAccessor pulumi.StringPtrInput `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. AliasName pulumi.StringPtrInput `pulumi:"aliasName"` // ID of the entity. EntityId pulumi.StringPtrInput `pulumi:"entityId"` // Name of the entity. EntityName pulumi.StringPtrInput `pulumi:"entityName"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput `pulumi:"namespace"` }
A collection of arguments for invoking getEntity.
func (LookupEntityOutputArgs) ElementType ¶
func (LookupEntityOutputArgs) ElementType() reflect.Type
type LookupEntityResult ¶
type LookupEntityResult struct { AliasId string `pulumi:"aliasId"` AliasMountAccessor string `pulumi:"aliasMountAccessor"` AliasName string `pulumi:"aliasName"` // A list of entity alias. Structure is documented below. Aliases []GetEntityAliasType `pulumi:"aliases"` // Creation time of the Alias CreationTime string `pulumi:"creationTime"` // A string containing the full data payload retrieved from // Vault, serialized in JSON format. DataJson string `pulumi:"dataJson"` // List of Group IDs of which the entity is directly a member of DirectGroupIds []string `pulumi:"directGroupIds"` // Whether the entity is disabled Disabled bool `pulumi:"disabled"` EntityId string `pulumi:"entityId"` EntityName string `pulumi:"entityName"` // List of all Group IDs of which the entity is a member of GroupIds []string `pulumi:"groupIds"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // List of all Group IDs of which the entity is a member of transitively InheritedGroupIds []string `pulumi:"inheritedGroupIds"` // Last update time of the alias LastUpdateTime string `pulumi:"lastUpdateTime"` // Other entity IDs which is merged with this entity MergedEntityIds []string `pulumi:"mergedEntityIds"` // Arbitrary metadata Metadata map[string]interface{} `pulumi:"metadata"` Namespace *string `pulumi:"namespace"` // Namespace of which the entity is part of NamespaceId string `pulumi:"namespaceId"` // List of policies attached to the entity Policies []string `pulumi:"policies"` }
A collection of values returned by getEntity.
func LookupEntity ¶
func LookupEntity(ctx *pulumi.Context, args *LookupEntityArgs, opts ...pulumi.InvokeOption) (*LookupEntityResult, error)
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.LookupEntity(ctx, &identity.LookupEntityArgs{ EntityName: pulumi.StringRef("entity_12345"), }, nil) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Required Vault Capabilities
Use of this resource requires the `create` capability on `/identity/lookup/entity`.
type LookupEntityResultOutput ¶
type LookupEntityResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getEntity.
func LookupEntityOutput ¶
func LookupEntityOutput(ctx *pulumi.Context, args LookupEntityOutputArgs, opts ...pulumi.InvokeOption) LookupEntityResultOutput
func (LookupEntityResultOutput) AliasId ¶
func (o LookupEntityResultOutput) AliasId() pulumi.StringOutput
func (LookupEntityResultOutput) AliasMountAccessor ¶
func (o LookupEntityResultOutput) AliasMountAccessor() pulumi.StringOutput
func (LookupEntityResultOutput) AliasName ¶
func (o LookupEntityResultOutput) AliasName() pulumi.StringOutput
func (LookupEntityResultOutput) Aliases ¶
func (o LookupEntityResultOutput) Aliases() GetEntityAliasTypeArrayOutput
A list of entity alias. Structure is documented below.
func (LookupEntityResultOutput) CreationTime ¶
func (o LookupEntityResultOutput) CreationTime() pulumi.StringOutput
Creation time of the Alias
func (LookupEntityResultOutput) DataJson ¶
func (o LookupEntityResultOutput) DataJson() pulumi.StringOutput
A string containing the full data payload retrieved from Vault, serialized in JSON format.
func (LookupEntityResultOutput) DirectGroupIds ¶
func (o LookupEntityResultOutput) DirectGroupIds() pulumi.StringArrayOutput
List of Group IDs of which the entity is directly a member of
func (LookupEntityResultOutput) Disabled ¶
func (o LookupEntityResultOutput) Disabled() pulumi.BoolOutput
Whether the entity is disabled
func (LookupEntityResultOutput) ElementType ¶
func (LookupEntityResultOutput) ElementType() reflect.Type
func (LookupEntityResultOutput) EntityId ¶
func (o LookupEntityResultOutput) EntityId() pulumi.StringOutput
func (LookupEntityResultOutput) EntityName ¶
func (o LookupEntityResultOutput) EntityName() pulumi.StringOutput
func (LookupEntityResultOutput) GroupIds ¶
func (o LookupEntityResultOutput) GroupIds() pulumi.StringArrayOutput
List of all Group IDs of which the entity is a member of
func (LookupEntityResultOutput) Id ¶
func (o LookupEntityResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupEntityResultOutput) InheritedGroupIds ¶
func (o LookupEntityResultOutput) InheritedGroupIds() pulumi.StringArrayOutput
List of all Group IDs of which the entity is a member of transitively
func (LookupEntityResultOutput) LastUpdateTime ¶
func (o LookupEntityResultOutput) LastUpdateTime() pulumi.StringOutput
Last update time of the alias
func (LookupEntityResultOutput) MergedEntityIds ¶
func (o LookupEntityResultOutput) MergedEntityIds() pulumi.StringArrayOutput
Other entity IDs which is merged with this entity
func (LookupEntityResultOutput) Metadata ¶
func (o LookupEntityResultOutput) Metadata() pulumi.MapOutput
Arbitrary metadata
func (LookupEntityResultOutput) Namespace ¶
func (o LookupEntityResultOutput) Namespace() pulumi.StringPtrOutput
func (LookupEntityResultOutput) NamespaceId ¶
func (o LookupEntityResultOutput) NamespaceId() pulumi.StringOutput
Namespace of which the entity is part of
func (LookupEntityResultOutput) Policies ¶
func (o LookupEntityResultOutput) Policies() pulumi.StringArrayOutput
List of policies attached to the entity
func (LookupEntityResultOutput) ToLookupEntityResultOutput ¶
func (o LookupEntityResultOutput) ToLookupEntityResultOutput() LookupEntityResultOutput
func (LookupEntityResultOutput) ToLookupEntityResultOutputWithContext ¶
func (o LookupEntityResultOutput) ToLookupEntityResultOutputWithContext(ctx context.Context) LookupEntityResultOutput
type LookupGroupArgs ¶
type LookupGroupArgs struct { // ID of the alias. AliasId *string `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. // // The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of // `aliasName` and `aliasMountAccessor`. AliasMountAccessor *string `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. AliasName *string `pulumi:"aliasName"` // ID of the group. GroupId *string `pulumi:"groupId"` // Name of the group. GroupName *string `pulumi:"groupName"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` }
A collection of arguments for invoking getGroup.
type LookupGroupOutputArgs ¶
type LookupGroupOutputArgs struct { // ID of the alias. AliasId pulumi.StringPtrInput `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. // // The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of // `aliasName` and `aliasMountAccessor`. AliasMountAccessor pulumi.StringPtrInput `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. AliasName pulumi.StringPtrInput `pulumi:"aliasName"` // ID of the group. GroupId pulumi.StringPtrInput `pulumi:"groupId"` // Name of the group. GroupName pulumi.StringPtrInput `pulumi:"groupName"` // The namespace of the target resource. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput `pulumi:"namespace"` }
A collection of arguments for invoking getGroup.
func (LookupGroupOutputArgs) ElementType ¶
func (LookupGroupOutputArgs) ElementType() reflect.Type
type LookupGroupResult ¶
type LookupGroupResult struct { // Canonical ID of the Alias AliasCanonicalId string `pulumi:"aliasCanonicalId"` // Creation time of the Alias AliasCreationTime string `pulumi:"aliasCreationTime"` AliasId string `pulumi:"aliasId"` // Last update time of the alias AliasLastUpdateTime string `pulumi:"aliasLastUpdateTime"` // List of canonical IDs merged with this alias AliasMergedFromCanonicalIds []string `pulumi:"aliasMergedFromCanonicalIds"` // Arbitrary metadata AliasMetadata map[string]interface{} `pulumi:"aliasMetadata"` AliasMountAccessor string `pulumi:"aliasMountAccessor"` // Authentication mount path which this alias belongs to AliasMountPath string `pulumi:"aliasMountPath"` // Authentication mount type which this alias belongs to AliasMountType string `pulumi:"aliasMountType"` AliasName string `pulumi:"aliasName"` // Creation timestamp of the group CreationTime string `pulumi:"creationTime"` // A string containing the full data payload retrieved from // Vault, serialized in JSON format. DataJson string `pulumi:"dataJson"` GroupId string `pulumi:"groupId"` GroupName string `pulumi:"groupName"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Last updated time of the group LastUpdateTime string `pulumi:"lastUpdateTime"` // List of Entity IDs which are members of this group MemberEntityIds []string `pulumi:"memberEntityIds"` // List of Group IDs which are members of this group MemberGroupIds []string `pulumi:"memberGroupIds"` // Arbitrary metadata Metadata map[string]interface{} `pulumi:"metadata"` // Modify index of the group ModifyIndex int `pulumi:"modifyIndex"` Namespace *string `pulumi:"namespace"` // Namespace of which the group is part of NamespaceId string `pulumi:"namespaceId"` // List of Group IDs which are parents of this group. ParentGroupIds []string `pulumi:"parentGroupIds"` // List of policies attached to the group Policies []string `pulumi:"policies"` // Type of group Type string `pulumi:"type"` }
A collection of values returned by getGroup.
func LookupGroup ¶
func LookupGroup(ctx *pulumi.Context, args *LookupGroupArgs, opts ...pulumi.InvokeOption) (*LookupGroupResult, error)
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.LookupGroup(ctx, &identity.LookupGroupArgs{ GroupName: pulumi.StringRef("user"), }, nil) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Required Vault Capabilities
Use of this resource requires the `create` capability on `/identity/lookup/group`.
type LookupGroupResultOutput ¶
type LookupGroupResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getGroup.
func LookupGroupOutput ¶
func LookupGroupOutput(ctx *pulumi.Context, args LookupGroupOutputArgs, opts ...pulumi.InvokeOption) LookupGroupResultOutput
func (LookupGroupResultOutput) AliasCanonicalId ¶
func (o LookupGroupResultOutput) AliasCanonicalId() pulumi.StringOutput
Canonical ID of the Alias
func (LookupGroupResultOutput) AliasCreationTime ¶
func (o LookupGroupResultOutput) AliasCreationTime() pulumi.StringOutput
Creation time of the Alias
func (LookupGroupResultOutput) AliasId ¶
func (o LookupGroupResultOutput) AliasId() pulumi.StringOutput
func (LookupGroupResultOutput) AliasLastUpdateTime ¶
func (o LookupGroupResultOutput) AliasLastUpdateTime() pulumi.StringOutput
Last update time of the alias
func (LookupGroupResultOutput) AliasMergedFromCanonicalIds ¶
func (o LookupGroupResultOutput) AliasMergedFromCanonicalIds() pulumi.StringArrayOutput
List of canonical IDs merged with this alias
func (LookupGroupResultOutput) AliasMetadata ¶
func (o LookupGroupResultOutput) AliasMetadata() pulumi.MapOutput
Arbitrary metadata
func (LookupGroupResultOutput) AliasMountAccessor ¶
func (o LookupGroupResultOutput) AliasMountAccessor() pulumi.StringOutput
func (LookupGroupResultOutput) AliasMountPath ¶
func (o LookupGroupResultOutput) AliasMountPath() pulumi.StringOutput
Authentication mount path which this alias belongs to
func (LookupGroupResultOutput) AliasMountType ¶
func (o LookupGroupResultOutput) AliasMountType() pulumi.StringOutput
Authentication mount type which this alias belongs to
func (LookupGroupResultOutput) AliasName ¶
func (o LookupGroupResultOutput) AliasName() pulumi.StringOutput
func (LookupGroupResultOutput) CreationTime ¶
func (o LookupGroupResultOutput) CreationTime() pulumi.StringOutput
Creation timestamp of the group
func (LookupGroupResultOutput) DataJson ¶
func (o LookupGroupResultOutput) DataJson() pulumi.StringOutput
A string containing the full data payload retrieved from Vault, serialized in JSON format.
func (LookupGroupResultOutput) ElementType ¶
func (LookupGroupResultOutput) ElementType() reflect.Type
func (LookupGroupResultOutput) GroupId ¶
func (o LookupGroupResultOutput) GroupId() pulumi.StringOutput
func (LookupGroupResultOutput) GroupName ¶
func (o LookupGroupResultOutput) GroupName() pulumi.StringOutput
func (LookupGroupResultOutput) Id ¶
func (o LookupGroupResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupGroupResultOutput) LastUpdateTime ¶
func (o LookupGroupResultOutput) LastUpdateTime() pulumi.StringOutput
Last updated time of the group
func (LookupGroupResultOutput) MemberEntityIds ¶
func (o LookupGroupResultOutput) MemberEntityIds() pulumi.StringArrayOutput
List of Entity IDs which are members of this group
func (LookupGroupResultOutput) MemberGroupIds ¶
func (o LookupGroupResultOutput) MemberGroupIds() pulumi.StringArrayOutput
List of Group IDs which are members of this group
func (LookupGroupResultOutput) Metadata ¶
func (o LookupGroupResultOutput) Metadata() pulumi.MapOutput
Arbitrary metadata
func (LookupGroupResultOutput) ModifyIndex ¶
func (o LookupGroupResultOutput) ModifyIndex() pulumi.IntOutput
Modify index of the group
func (LookupGroupResultOutput) Namespace ¶
func (o LookupGroupResultOutput) Namespace() pulumi.StringPtrOutput
func (LookupGroupResultOutput) NamespaceId ¶
func (o LookupGroupResultOutput) NamespaceId() pulumi.StringOutput
Namespace of which the group is part of
func (LookupGroupResultOutput) ParentGroupIds ¶
func (o LookupGroupResultOutput) ParentGroupIds() pulumi.StringArrayOutput
List of Group IDs which are parents of this group.
func (LookupGroupResultOutput) Policies ¶
func (o LookupGroupResultOutput) Policies() pulumi.StringArrayOutput
List of policies attached to the group
func (LookupGroupResultOutput) ToLookupGroupResultOutput ¶
func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput
func (LookupGroupResultOutput) ToLookupGroupResultOutputWithContext ¶
func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput
func (LookupGroupResultOutput) Type ¶
func (o LookupGroupResultOutput) Type() pulumi.StringOutput
Type of group
type MfaDuo ¶
type MfaDuo struct { pulumi.CustomResourceState // API hostname for Duo ApiHostname pulumi.StringOutput `pulumi:"apiHostname"` // Integration key for Duo IntegrationKey pulumi.StringOutput `pulumi:"integrationKey"` // Method ID. MethodId pulumi.StringOutput `pulumi:"methodId"` // Mount accessor. MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"` // Method name. Name pulumi.StringOutput `pulumi:"name"` // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Method's namespace ID. NamespaceId pulumi.StringOutput `pulumi:"namespaceId"` // Method's namespace path. NamespacePath pulumi.StringOutput `pulumi:"namespacePath"` // Push information for Duo. PushInfo pulumi.StringPtrOutput `pulumi:"pushInfo"` // Secret key for Duo SecretKey pulumi.StringOutput `pulumi:"secretKey"` // MFA type. Type pulumi.StringOutput `pulumi:"type"` // Require passcode upon MFA validation. UsePasscode pulumi.BoolPtrOutput `pulumi:"usePasscode"` // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrOutput `pulumi:"usernameFormat"` // Resource UUID. Uuid pulumi.StringOutput `pulumi:"uuid"` }
Resource for configuring the duo MFA method.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewMfaDuo(ctx, "example", &identity.MfaDuoArgs{ ApiHostname: pulumi.String("api-xxxxxxxx.duosecurity.com"), IntegrationKey: pulumi.String("secret-int-key"), SecretKey: pulumi.String("secret-key"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Resource can be imported using its `uuid` field, e.g.
```sh $ pulumi import vault:identity/mfaDuo:MfaDuo example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```
func GetMfaDuo ¶
func GetMfaDuo(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MfaDuoState, opts ...pulumi.ResourceOption) (*MfaDuo, error)
GetMfaDuo gets an existing MfaDuo resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMfaDuo ¶
func NewMfaDuo(ctx *pulumi.Context, name string, args *MfaDuoArgs, opts ...pulumi.ResourceOption) (*MfaDuo, error)
NewMfaDuo registers a new resource with the given unique name, arguments, and options.
func (*MfaDuo) ElementType ¶
func (*MfaDuo) ToMfaDuoOutput ¶
func (i *MfaDuo) ToMfaDuoOutput() MfaDuoOutput
func (*MfaDuo) ToMfaDuoOutputWithContext ¶
func (i *MfaDuo) ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput
type MfaDuoArgs ¶
type MfaDuoArgs struct { // API hostname for Duo ApiHostname pulumi.StringInput // Integration key for Duo IntegrationKey pulumi.StringInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Push information for Duo. PushInfo pulumi.StringPtrInput // Secret key for Duo SecretKey pulumi.StringInput // Require passcode upon MFA validation. UsePasscode pulumi.BoolPtrInput // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrInput }
The set of arguments for constructing a MfaDuo resource.
func (MfaDuoArgs) ElementType ¶
func (MfaDuoArgs) ElementType() reflect.Type
type MfaDuoArray ¶
type MfaDuoArray []MfaDuoInput
func (MfaDuoArray) ElementType ¶
func (MfaDuoArray) ElementType() reflect.Type
func (MfaDuoArray) ToMfaDuoArrayOutput ¶
func (i MfaDuoArray) ToMfaDuoArrayOutput() MfaDuoArrayOutput
func (MfaDuoArray) ToMfaDuoArrayOutputWithContext ¶
func (i MfaDuoArray) ToMfaDuoArrayOutputWithContext(ctx context.Context) MfaDuoArrayOutput
type MfaDuoArrayInput ¶
type MfaDuoArrayInput interface { pulumi.Input ToMfaDuoArrayOutput() MfaDuoArrayOutput ToMfaDuoArrayOutputWithContext(context.Context) MfaDuoArrayOutput }
MfaDuoArrayInput is an input type that accepts MfaDuoArray and MfaDuoArrayOutput values. You can construct a concrete instance of `MfaDuoArrayInput` via:
MfaDuoArray{ MfaDuoArgs{...} }
type MfaDuoArrayOutput ¶
type MfaDuoArrayOutput struct{ *pulumi.OutputState }
func (MfaDuoArrayOutput) ElementType ¶
func (MfaDuoArrayOutput) ElementType() reflect.Type
func (MfaDuoArrayOutput) Index ¶
func (o MfaDuoArrayOutput) Index(i pulumi.IntInput) MfaDuoOutput
func (MfaDuoArrayOutput) ToMfaDuoArrayOutput ¶
func (o MfaDuoArrayOutput) ToMfaDuoArrayOutput() MfaDuoArrayOutput
func (MfaDuoArrayOutput) ToMfaDuoArrayOutputWithContext ¶
func (o MfaDuoArrayOutput) ToMfaDuoArrayOutputWithContext(ctx context.Context) MfaDuoArrayOutput
type MfaDuoInput ¶
type MfaDuoInput interface { pulumi.Input ToMfaDuoOutput() MfaDuoOutput ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput }
type MfaDuoMap ¶
type MfaDuoMap map[string]MfaDuoInput
func (MfaDuoMap) ElementType ¶
func (MfaDuoMap) ToMfaDuoMapOutput ¶
func (i MfaDuoMap) ToMfaDuoMapOutput() MfaDuoMapOutput
func (MfaDuoMap) ToMfaDuoMapOutputWithContext ¶
func (i MfaDuoMap) ToMfaDuoMapOutputWithContext(ctx context.Context) MfaDuoMapOutput
type MfaDuoMapInput ¶
type MfaDuoMapInput interface { pulumi.Input ToMfaDuoMapOutput() MfaDuoMapOutput ToMfaDuoMapOutputWithContext(context.Context) MfaDuoMapOutput }
MfaDuoMapInput is an input type that accepts MfaDuoMap and MfaDuoMapOutput values. You can construct a concrete instance of `MfaDuoMapInput` via:
MfaDuoMap{ "key": MfaDuoArgs{...} }
type MfaDuoMapOutput ¶
type MfaDuoMapOutput struct{ *pulumi.OutputState }
func (MfaDuoMapOutput) ElementType ¶
func (MfaDuoMapOutput) ElementType() reflect.Type
func (MfaDuoMapOutput) MapIndex ¶
func (o MfaDuoMapOutput) MapIndex(k pulumi.StringInput) MfaDuoOutput
func (MfaDuoMapOutput) ToMfaDuoMapOutput ¶
func (o MfaDuoMapOutput) ToMfaDuoMapOutput() MfaDuoMapOutput
func (MfaDuoMapOutput) ToMfaDuoMapOutputWithContext ¶
func (o MfaDuoMapOutput) ToMfaDuoMapOutputWithContext(ctx context.Context) MfaDuoMapOutput
type MfaDuoOutput ¶
type MfaDuoOutput struct{ *pulumi.OutputState }
func (MfaDuoOutput) ApiHostname ¶
func (o MfaDuoOutput) ApiHostname() pulumi.StringOutput
API hostname for Duo
func (MfaDuoOutput) ElementType ¶
func (MfaDuoOutput) ElementType() reflect.Type
func (MfaDuoOutput) IntegrationKey ¶
func (o MfaDuoOutput) IntegrationKey() pulumi.StringOutput
Integration key for Duo
func (MfaDuoOutput) MountAccessor ¶
func (o MfaDuoOutput) MountAccessor() pulumi.StringOutput
Mount accessor.
func (MfaDuoOutput) Namespace ¶
func (o MfaDuoOutput) Namespace() pulumi.StringPtrOutput
Target namespace. (requires Enterprise)
func (MfaDuoOutput) NamespaceId ¶
func (o MfaDuoOutput) NamespaceId() pulumi.StringOutput
Method's namespace ID.
func (MfaDuoOutput) NamespacePath ¶
func (o MfaDuoOutput) NamespacePath() pulumi.StringOutput
Method's namespace path.
func (MfaDuoOutput) PushInfo ¶
func (o MfaDuoOutput) PushInfo() pulumi.StringPtrOutput
Push information for Duo.
func (MfaDuoOutput) SecretKey ¶
func (o MfaDuoOutput) SecretKey() pulumi.StringOutput
Secret key for Duo
func (MfaDuoOutput) ToMfaDuoOutput ¶
func (o MfaDuoOutput) ToMfaDuoOutput() MfaDuoOutput
func (MfaDuoOutput) ToMfaDuoOutputWithContext ¶
func (o MfaDuoOutput) ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput
func (MfaDuoOutput) UsePasscode ¶
func (o MfaDuoOutput) UsePasscode() pulumi.BoolPtrOutput
Require passcode upon MFA validation.
func (MfaDuoOutput) UsernameFormat ¶
func (o MfaDuoOutput) UsernameFormat() pulumi.StringPtrOutput
A template string for mapping Identity names to MFA methods.
type MfaDuoState ¶
type MfaDuoState struct { // API hostname for Duo ApiHostname pulumi.StringPtrInput // Integration key for Duo IntegrationKey pulumi.StringPtrInput // Method ID. MethodId pulumi.StringPtrInput // Mount accessor. MountAccessor pulumi.StringPtrInput // Method name. Name pulumi.StringPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Method's namespace ID. NamespaceId pulumi.StringPtrInput // Method's namespace path. NamespacePath pulumi.StringPtrInput // Push information for Duo. PushInfo pulumi.StringPtrInput // Secret key for Duo SecretKey pulumi.StringPtrInput // MFA type. Type pulumi.StringPtrInput // Require passcode upon MFA validation. UsePasscode pulumi.BoolPtrInput // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrInput // Resource UUID. Uuid pulumi.StringPtrInput }
func (MfaDuoState) ElementType ¶
func (MfaDuoState) ElementType() reflect.Type
type MfaLoginEnforcement ¶
type MfaLoginEnforcement struct { pulumi.CustomResourceState // Set of auth method accessor IDs. AuthMethodAccessors pulumi.StringArrayOutput `pulumi:"authMethodAccessors"` // Set of auth method types. AuthMethodTypes pulumi.StringArrayOutput `pulumi:"authMethodTypes"` // Set of identity entity IDs. IdentityEntityIds pulumi.StringArrayOutput `pulumi:"identityEntityIds"` // Set of identity group IDs. IdentityGroupIds pulumi.StringArrayOutput `pulumi:"identityGroupIds"` // Set of MFA method UUIDs. MfaMethodIds pulumi.StringArrayOutput `pulumi:"mfaMethodIds"` // Login enforcement name. Name pulumi.StringOutput `pulumi:"name"` // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Method's namespace ID. NamespaceId pulumi.StringOutput `pulumi:"namespaceId"` // Method's namespace path. NamespacePath pulumi.StringOutput `pulumi:"namespacePath"` // Resource UUID. Uuid pulumi.StringOutput `pulumi:"uuid"` }
Resource for configuring MFA login-enforcement
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleMfaDuo, err := identity.NewMfaDuo(ctx, "exampleMfaDuo", &identity.MfaDuoArgs{ SecretKey: pulumi.String("secret-key"), IntegrationKey: pulumi.String("int-key"), ApiHostname: pulumi.String("foo.baz"), PushInfo: pulumi.String("push-info"), }) if err != nil { return err } _, err = identity.NewMfaLoginEnforcement(ctx, "exampleMfaLoginEnforcement", &identity.MfaLoginEnforcementArgs{ MfaMethodIds: pulumi.StringArray{ exampleMfaDuo.MethodId, }, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Resource can be imported using its `name` field, e.g.
```sh $ pulumi import vault:identity/mfaLoginEnforcement:MfaLoginEnforcement example default ```
func GetMfaLoginEnforcement ¶
func GetMfaLoginEnforcement(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MfaLoginEnforcementState, opts ...pulumi.ResourceOption) (*MfaLoginEnforcement, error)
GetMfaLoginEnforcement gets an existing MfaLoginEnforcement resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMfaLoginEnforcement ¶
func NewMfaLoginEnforcement(ctx *pulumi.Context, name string, args *MfaLoginEnforcementArgs, opts ...pulumi.ResourceOption) (*MfaLoginEnforcement, error)
NewMfaLoginEnforcement registers a new resource with the given unique name, arguments, and options.
func (*MfaLoginEnforcement) ElementType ¶
func (*MfaLoginEnforcement) ElementType() reflect.Type
func (*MfaLoginEnforcement) ToMfaLoginEnforcementOutput ¶
func (i *MfaLoginEnforcement) ToMfaLoginEnforcementOutput() MfaLoginEnforcementOutput
func (*MfaLoginEnforcement) ToMfaLoginEnforcementOutputWithContext ¶
func (i *MfaLoginEnforcement) ToMfaLoginEnforcementOutputWithContext(ctx context.Context) MfaLoginEnforcementOutput
type MfaLoginEnforcementArgs ¶
type MfaLoginEnforcementArgs struct { // Set of auth method accessor IDs. AuthMethodAccessors pulumi.StringArrayInput // Set of auth method types. AuthMethodTypes pulumi.StringArrayInput // Set of identity entity IDs. IdentityEntityIds pulumi.StringArrayInput // Set of identity group IDs. IdentityGroupIds pulumi.StringArrayInput // Set of MFA method UUIDs. MfaMethodIds pulumi.StringArrayInput // Login enforcement name. Name pulumi.StringPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput }
The set of arguments for constructing a MfaLoginEnforcement resource.
func (MfaLoginEnforcementArgs) ElementType ¶
func (MfaLoginEnforcementArgs) ElementType() reflect.Type
type MfaLoginEnforcementArray ¶
type MfaLoginEnforcementArray []MfaLoginEnforcementInput
func (MfaLoginEnforcementArray) ElementType ¶
func (MfaLoginEnforcementArray) ElementType() reflect.Type
func (MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutput ¶
func (i MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutput() MfaLoginEnforcementArrayOutput
func (MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutputWithContext ¶
func (i MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutputWithContext(ctx context.Context) MfaLoginEnforcementArrayOutput
type MfaLoginEnforcementArrayInput ¶
type MfaLoginEnforcementArrayInput interface { pulumi.Input ToMfaLoginEnforcementArrayOutput() MfaLoginEnforcementArrayOutput ToMfaLoginEnforcementArrayOutputWithContext(context.Context) MfaLoginEnforcementArrayOutput }
MfaLoginEnforcementArrayInput is an input type that accepts MfaLoginEnforcementArray and MfaLoginEnforcementArrayOutput values. You can construct a concrete instance of `MfaLoginEnforcementArrayInput` via:
MfaLoginEnforcementArray{ MfaLoginEnforcementArgs{...} }
type MfaLoginEnforcementArrayOutput ¶
type MfaLoginEnforcementArrayOutput struct{ *pulumi.OutputState }
func (MfaLoginEnforcementArrayOutput) ElementType ¶
func (MfaLoginEnforcementArrayOutput) ElementType() reflect.Type
func (MfaLoginEnforcementArrayOutput) Index ¶
func (o MfaLoginEnforcementArrayOutput) Index(i pulumi.IntInput) MfaLoginEnforcementOutput
func (MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutput ¶
func (o MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutput() MfaLoginEnforcementArrayOutput
func (MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutputWithContext ¶
func (o MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutputWithContext(ctx context.Context) MfaLoginEnforcementArrayOutput
type MfaLoginEnforcementInput ¶
type MfaLoginEnforcementInput interface { pulumi.Input ToMfaLoginEnforcementOutput() MfaLoginEnforcementOutput ToMfaLoginEnforcementOutputWithContext(ctx context.Context) MfaLoginEnforcementOutput }
type MfaLoginEnforcementMap ¶
type MfaLoginEnforcementMap map[string]MfaLoginEnforcementInput
func (MfaLoginEnforcementMap) ElementType ¶
func (MfaLoginEnforcementMap) ElementType() reflect.Type
func (MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutput ¶
func (i MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutput() MfaLoginEnforcementMapOutput
func (MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutputWithContext ¶
func (i MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutputWithContext(ctx context.Context) MfaLoginEnforcementMapOutput
type MfaLoginEnforcementMapInput ¶
type MfaLoginEnforcementMapInput interface { pulumi.Input ToMfaLoginEnforcementMapOutput() MfaLoginEnforcementMapOutput ToMfaLoginEnforcementMapOutputWithContext(context.Context) MfaLoginEnforcementMapOutput }
MfaLoginEnforcementMapInput is an input type that accepts MfaLoginEnforcementMap and MfaLoginEnforcementMapOutput values. You can construct a concrete instance of `MfaLoginEnforcementMapInput` via:
MfaLoginEnforcementMap{ "key": MfaLoginEnforcementArgs{...} }
type MfaLoginEnforcementMapOutput ¶
type MfaLoginEnforcementMapOutput struct{ *pulumi.OutputState }
func (MfaLoginEnforcementMapOutput) ElementType ¶
func (MfaLoginEnforcementMapOutput) ElementType() reflect.Type
func (MfaLoginEnforcementMapOutput) MapIndex ¶
func (o MfaLoginEnforcementMapOutput) MapIndex(k pulumi.StringInput) MfaLoginEnforcementOutput
func (MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutput ¶
func (o MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutput() MfaLoginEnforcementMapOutput
func (MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutputWithContext ¶
func (o MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutputWithContext(ctx context.Context) MfaLoginEnforcementMapOutput
type MfaLoginEnforcementOutput ¶
type MfaLoginEnforcementOutput struct{ *pulumi.OutputState }
func (MfaLoginEnforcementOutput) AuthMethodAccessors ¶
func (o MfaLoginEnforcementOutput) AuthMethodAccessors() pulumi.StringArrayOutput
Set of auth method accessor IDs.
func (MfaLoginEnforcementOutput) AuthMethodTypes ¶
func (o MfaLoginEnforcementOutput) AuthMethodTypes() pulumi.StringArrayOutput
Set of auth method types.
func (MfaLoginEnforcementOutput) ElementType ¶
func (MfaLoginEnforcementOutput) ElementType() reflect.Type
func (MfaLoginEnforcementOutput) IdentityEntityIds ¶
func (o MfaLoginEnforcementOutput) IdentityEntityIds() pulumi.StringArrayOutput
Set of identity entity IDs.
func (MfaLoginEnforcementOutput) IdentityGroupIds ¶
func (o MfaLoginEnforcementOutput) IdentityGroupIds() pulumi.StringArrayOutput
Set of identity group IDs.
func (MfaLoginEnforcementOutput) MfaMethodIds ¶
func (o MfaLoginEnforcementOutput) MfaMethodIds() pulumi.StringArrayOutput
Set of MFA method UUIDs.
func (MfaLoginEnforcementOutput) Name ¶
func (o MfaLoginEnforcementOutput) Name() pulumi.StringOutput
Login enforcement name.
func (MfaLoginEnforcementOutput) Namespace ¶
func (o MfaLoginEnforcementOutput) Namespace() pulumi.StringPtrOutput
Target namespace. (requires Enterprise)
func (MfaLoginEnforcementOutput) NamespaceId ¶
func (o MfaLoginEnforcementOutput) NamespaceId() pulumi.StringOutput
Method's namespace ID.
func (MfaLoginEnforcementOutput) NamespacePath ¶
func (o MfaLoginEnforcementOutput) NamespacePath() pulumi.StringOutput
Method's namespace path.
func (MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutput ¶
func (o MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutput() MfaLoginEnforcementOutput
func (MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutputWithContext ¶
func (o MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutputWithContext(ctx context.Context) MfaLoginEnforcementOutput
func (MfaLoginEnforcementOutput) Uuid ¶
func (o MfaLoginEnforcementOutput) Uuid() pulumi.StringOutput
Resource UUID.
type MfaLoginEnforcementState ¶
type MfaLoginEnforcementState struct { // Set of auth method accessor IDs. AuthMethodAccessors pulumi.StringArrayInput // Set of auth method types. AuthMethodTypes pulumi.StringArrayInput // Set of identity entity IDs. IdentityEntityIds pulumi.StringArrayInput // Set of identity group IDs. IdentityGroupIds pulumi.StringArrayInput // Set of MFA method UUIDs. MfaMethodIds pulumi.StringArrayInput // Login enforcement name. Name pulumi.StringPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Method's namespace ID. NamespaceId pulumi.StringPtrInput // Method's namespace path. NamespacePath pulumi.StringPtrInput // Resource UUID. Uuid pulumi.StringPtrInput }
func (MfaLoginEnforcementState) ElementType ¶
func (MfaLoginEnforcementState) ElementType() reflect.Type
type MfaOkta ¶
type MfaOkta struct { pulumi.CustomResourceState // Okta API token. ApiToken pulumi.StringOutput `pulumi:"apiToken"` // The base domain to use for API requests. BaseUrl pulumi.StringPtrOutput `pulumi:"baseUrl"` // Method ID. MethodId pulumi.StringOutput `pulumi:"methodId"` // Mount accessor. MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"` // Method name. Name pulumi.StringOutput `pulumi:"name"` // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Method's namespace ID. NamespaceId pulumi.StringOutput `pulumi:"namespaceId"` // Method's namespace path. NamespacePath pulumi.StringOutput `pulumi:"namespacePath"` // Name of the organization to be used in the Okta API. OrgName pulumi.StringOutput `pulumi:"orgName"` // Only match the primary email for the account. PrimaryEmail pulumi.BoolPtrOutput `pulumi:"primaryEmail"` // MFA type. Type pulumi.StringOutput `pulumi:"type"` // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrOutput `pulumi:"usernameFormat"` // Resource UUID. Uuid pulumi.StringOutput `pulumi:"uuid"` }
Resource for configuring the okta MFA method.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewMfaOkta(ctx, "example", &identity.MfaOktaArgs{ ApiToken: pulumi.String("token1"), BaseUrl: pulumi.String("qux.baz.com"), OrgName: pulumi.String("org1"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Resource can be imported using its `uuid` field, e.g.
```sh $ pulumi import vault:identity/mfaOkta:MfaOkta example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```
func GetMfaOkta ¶
func GetMfaOkta(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MfaOktaState, opts ...pulumi.ResourceOption) (*MfaOkta, error)
GetMfaOkta gets an existing MfaOkta resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMfaOkta ¶
func NewMfaOkta(ctx *pulumi.Context, name string, args *MfaOktaArgs, opts ...pulumi.ResourceOption) (*MfaOkta, error)
NewMfaOkta registers a new resource with the given unique name, arguments, and options.
func (*MfaOkta) ElementType ¶
func (*MfaOkta) ToMfaOktaOutput ¶
func (i *MfaOkta) ToMfaOktaOutput() MfaOktaOutput
func (*MfaOkta) ToMfaOktaOutputWithContext ¶
func (i *MfaOkta) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput
type MfaOktaArgs ¶
type MfaOktaArgs struct { // Okta API token. ApiToken pulumi.StringInput // The base domain to use for API requests. BaseUrl pulumi.StringPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Name of the organization to be used in the Okta API. OrgName pulumi.StringInput // Only match the primary email for the account. PrimaryEmail pulumi.BoolPtrInput // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrInput }
The set of arguments for constructing a MfaOkta resource.
func (MfaOktaArgs) ElementType ¶
func (MfaOktaArgs) ElementType() reflect.Type
type MfaOktaArray ¶
type MfaOktaArray []MfaOktaInput
func (MfaOktaArray) ElementType ¶
func (MfaOktaArray) ElementType() reflect.Type
func (MfaOktaArray) ToMfaOktaArrayOutput ¶
func (i MfaOktaArray) ToMfaOktaArrayOutput() MfaOktaArrayOutput
func (MfaOktaArray) ToMfaOktaArrayOutputWithContext ¶
func (i MfaOktaArray) ToMfaOktaArrayOutputWithContext(ctx context.Context) MfaOktaArrayOutput
type MfaOktaArrayInput ¶
type MfaOktaArrayInput interface { pulumi.Input ToMfaOktaArrayOutput() MfaOktaArrayOutput ToMfaOktaArrayOutputWithContext(context.Context) MfaOktaArrayOutput }
MfaOktaArrayInput is an input type that accepts MfaOktaArray and MfaOktaArrayOutput values. You can construct a concrete instance of `MfaOktaArrayInput` via:
MfaOktaArray{ MfaOktaArgs{...} }
type MfaOktaArrayOutput ¶
type MfaOktaArrayOutput struct{ *pulumi.OutputState }
func (MfaOktaArrayOutput) ElementType ¶
func (MfaOktaArrayOutput) ElementType() reflect.Type
func (MfaOktaArrayOutput) Index ¶
func (o MfaOktaArrayOutput) Index(i pulumi.IntInput) MfaOktaOutput
func (MfaOktaArrayOutput) ToMfaOktaArrayOutput ¶
func (o MfaOktaArrayOutput) ToMfaOktaArrayOutput() MfaOktaArrayOutput
func (MfaOktaArrayOutput) ToMfaOktaArrayOutputWithContext ¶
func (o MfaOktaArrayOutput) ToMfaOktaArrayOutputWithContext(ctx context.Context) MfaOktaArrayOutput
type MfaOktaInput ¶
type MfaOktaInput interface { pulumi.Input ToMfaOktaOutput() MfaOktaOutput ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput }
type MfaOktaMap ¶
type MfaOktaMap map[string]MfaOktaInput
func (MfaOktaMap) ElementType ¶
func (MfaOktaMap) ElementType() reflect.Type
func (MfaOktaMap) ToMfaOktaMapOutput ¶
func (i MfaOktaMap) ToMfaOktaMapOutput() MfaOktaMapOutput
func (MfaOktaMap) ToMfaOktaMapOutputWithContext ¶
func (i MfaOktaMap) ToMfaOktaMapOutputWithContext(ctx context.Context) MfaOktaMapOutput
type MfaOktaMapInput ¶
type MfaOktaMapInput interface { pulumi.Input ToMfaOktaMapOutput() MfaOktaMapOutput ToMfaOktaMapOutputWithContext(context.Context) MfaOktaMapOutput }
MfaOktaMapInput is an input type that accepts MfaOktaMap and MfaOktaMapOutput values. You can construct a concrete instance of `MfaOktaMapInput` via:
MfaOktaMap{ "key": MfaOktaArgs{...} }
type MfaOktaMapOutput ¶
type MfaOktaMapOutput struct{ *pulumi.OutputState }
func (MfaOktaMapOutput) ElementType ¶
func (MfaOktaMapOutput) ElementType() reflect.Type
func (MfaOktaMapOutput) MapIndex ¶
func (o MfaOktaMapOutput) MapIndex(k pulumi.StringInput) MfaOktaOutput
func (MfaOktaMapOutput) ToMfaOktaMapOutput ¶
func (o MfaOktaMapOutput) ToMfaOktaMapOutput() MfaOktaMapOutput
func (MfaOktaMapOutput) ToMfaOktaMapOutputWithContext ¶
func (o MfaOktaMapOutput) ToMfaOktaMapOutputWithContext(ctx context.Context) MfaOktaMapOutput
type MfaOktaOutput ¶
type MfaOktaOutput struct{ *pulumi.OutputState }
func (MfaOktaOutput) ApiToken ¶
func (o MfaOktaOutput) ApiToken() pulumi.StringOutput
Okta API token.
func (MfaOktaOutput) BaseUrl ¶
func (o MfaOktaOutput) BaseUrl() pulumi.StringPtrOutput
The base domain to use for API requests.
func (MfaOktaOutput) ElementType ¶
func (MfaOktaOutput) ElementType() reflect.Type
func (MfaOktaOutput) MountAccessor ¶
func (o MfaOktaOutput) MountAccessor() pulumi.StringOutput
Mount accessor.
func (MfaOktaOutput) Namespace ¶
func (o MfaOktaOutput) Namespace() pulumi.StringPtrOutput
Target namespace. (requires Enterprise)
func (MfaOktaOutput) NamespaceId ¶
func (o MfaOktaOutput) NamespaceId() pulumi.StringOutput
Method's namespace ID.
func (MfaOktaOutput) NamespacePath ¶
func (o MfaOktaOutput) NamespacePath() pulumi.StringOutput
Method's namespace path.
func (MfaOktaOutput) OrgName ¶
func (o MfaOktaOutput) OrgName() pulumi.StringOutput
Name of the organization to be used in the Okta API.
func (MfaOktaOutput) PrimaryEmail ¶
func (o MfaOktaOutput) PrimaryEmail() pulumi.BoolPtrOutput
Only match the primary email for the account.
func (MfaOktaOutput) ToMfaOktaOutput ¶
func (o MfaOktaOutput) ToMfaOktaOutput() MfaOktaOutput
func (MfaOktaOutput) ToMfaOktaOutputWithContext ¶
func (o MfaOktaOutput) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput
func (MfaOktaOutput) UsernameFormat ¶
func (o MfaOktaOutput) UsernameFormat() pulumi.StringPtrOutput
A template string for mapping Identity names to MFA methods.
type MfaOktaState ¶
type MfaOktaState struct { // Okta API token. ApiToken pulumi.StringPtrInput // The base domain to use for API requests. BaseUrl pulumi.StringPtrInput // Method ID. MethodId pulumi.StringPtrInput // Mount accessor. MountAccessor pulumi.StringPtrInput // Method name. Name pulumi.StringPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Method's namespace ID. NamespaceId pulumi.StringPtrInput // Method's namespace path. NamespacePath pulumi.StringPtrInput // Name of the organization to be used in the Okta API. OrgName pulumi.StringPtrInput // Only match the primary email for the account. PrimaryEmail pulumi.BoolPtrInput // MFA type. Type pulumi.StringPtrInput // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrInput // Resource UUID. Uuid pulumi.StringPtrInput }
func (MfaOktaState) ElementType ¶
func (MfaOktaState) ElementType() reflect.Type
type MfaPingid ¶
type MfaPingid struct { pulumi.CustomResourceState // The admin URL, derived from "settingsFileBase64" AdminUrl pulumi.StringOutput `pulumi:"adminUrl"` // A unique identifier of the organization, derived from "settingsFileBase64" AuthenticatorUrl pulumi.StringOutput `pulumi:"authenticatorUrl"` // The IDP URL, derived from "settingsFileBase64" IdpUrl pulumi.StringOutput `pulumi:"idpUrl"` // Method ID. MethodId pulumi.StringOutput `pulumi:"methodId"` // Mount accessor. MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"` // Method name. Name pulumi.StringOutput `pulumi:"name"` // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Method's namespace ID. NamespaceId pulumi.StringOutput `pulumi:"namespaceId"` // Method's namespace path. NamespacePath pulumi.StringOutput `pulumi:"namespacePath"` // The name of the PingID client organization, derived from "settingsFileBase64" OrgAlias pulumi.StringOutput `pulumi:"orgAlias"` // A base64-encoded third-party settings contents as retrieved from PingID's configuration page. SettingsFileBase64 pulumi.StringOutput `pulumi:"settingsFileBase64"` // MFA type. Type pulumi.StringOutput `pulumi:"type"` // Use signature value, derived from "settingsFileBase64" UseSignature pulumi.BoolOutput `pulumi:"useSignature"` // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrOutput `pulumi:"usernameFormat"` // Resource UUID. Uuid pulumi.StringOutput `pulumi:"uuid"` }
Resource for configuring the pingid MFA method.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewMfaPingid(ctx, "example", &identity.MfaPingidArgs{ SettingsFileBase64: pulumi.String("CnVzZV9iYXNlNjR[...]HBtCg=="), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Resource can be imported using its `uuid` field, e.g.
```sh $ pulumi import vault:identity/mfaPingid:MfaPingid example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```
func GetMfaPingid ¶
func GetMfaPingid(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MfaPingidState, opts ...pulumi.ResourceOption) (*MfaPingid, error)
GetMfaPingid gets an existing MfaPingid resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMfaPingid ¶
func NewMfaPingid(ctx *pulumi.Context, name string, args *MfaPingidArgs, opts ...pulumi.ResourceOption) (*MfaPingid, error)
NewMfaPingid registers a new resource with the given unique name, arguments, and options.
func (*MfaPingid) ElementType ¶
func (*MfaPingid) ToMfaPingidOutput ¶
func (i *MfaPingid) ToMfaPingidOutput() MfaPingidOutput
func (*MfaPingid) ToMfaPingidOutputWithContext ¶
func (i *MfaPingid) ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidOutput
type MfaPingidArgs ¶
type MfaPingidArgs struct { // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // A base64-encoded third-party settings contents as retrieved from PingID's configuration page. SettingsFileBase64 pulumi.StringInput // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrInput }
The set of arguments for constructing a MfaPingid resource.
func (MfaPingidArgs) ElementType ¶
func (MfaPingidArgs) ElementType() reflect.Type
type MfaPingidArray ¶
type MfaPingidArray []MfaPingidInput
func (MfaPingidArray) ElementType ¶
func (MfaPingidArray) ElementType() reflect.Type
func (MfaPingidArray) ToMfaPingidArrayOutput ¶
func (i MfaPingidArray) ToMfaPingidArrayOutput() MfaPingidArrayOutput
func (MfaPingidArray) ToMfaPingidArrayOutputWithContext ¶
func (i MfaPingidArray) ToMfaPingidArrayOutputWithContext(ctx context.Context) MfaPingidArrayOutput
type MfaPingidArrayInput ¶
type MfaPingidArrayInput interface { pulumi.Input ToMfaPingidArrayOutput() MfaPingidArrayOutput ToMfaPingidArrayOutputWithContext(context.Context) MfaPingidArrayOutput }
MfaPingidArrayInput is an input type that accepts MfaPingidArray and MfaPingidArrayOutput values. You can construct a concrete instance of `MfaPingidArrayInput` via:
MfaPingidArray{ MfaPingidArgs{...} }
type MfaPingidArrayOutput ¶
type MfaPingidArrayOutput struct{ *pulumi.OutputState }
func (MfaPingidArrayOutput) ElementType ¶
func (MfaPingidArrayOutput) ElementType() reflect.Type
func (MfaPingidArrayOutput) Index ¶
func (o MfaPingidArrayOutput) Index(i pulumi.IntInput) MfaPingidOutput
func (MfaPingidArrayOutput) ToMfaPingidArrayOutput ¶
func (o MfaPingidArrayOutput) ToMfaPingidArrayOutput() MfaPingidArrayOutput
func (MfaPingidArrayOutput) ToMfaPingidArrayOutputWithContext ¶
func (o MfaPingidArrayOutput) ToMfaPingidArrayOutputWithContext(ctx context.Context) MfaPingidArrayOutput
type MfaPingidInput ¶
type MfaPingidInput interface { pulumi.Input ToMfaPingidOutput() MfaPingidOutput ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidOutput }
type MfaPingidMap ¶
type MfaPingidMap map[string]MfaPingidInput
func (MfaPingidMap) ElementType ¶
func (MfaPingidMap) ElementType() reflect.Type
func (MfaPingidMap) ToMfaPingidMapOutput ¶
func (i MfaPingidMap) ToMfaPingidMapOutput() MfaPingidMapOutput
func (MfaPingidMap) ToMfaPingidMapOutputWithContext ¶
func (i MfaPingidMap) ToMfaPingidMapOutputWithContext(ctx context.Context) MfaPingidMapOutput
type MfaPingidMapInput ¶
type MfaPingidMapInput interface { pulumi.Input ToMfaPingidMapOutput() MfaPingidMapOutput ToMfaPingidMapOutputWithContext(context.Context) MfaPingidMapOutput }
MfaPingidMapInput is an input type that accepts MfaPingidMap and MfaPingidMapOutput values. You can construct a concrete instance of `MfaPingidMapInput` via:
MfaPingidMap{ "key": MfaPingidArgs{...} }
type MfaPingidMapOutput ¶
type MfaPingidMapOutput struct{ *pulumi.OutputState }
func (MfaPingidMapOutput) ElementType ¶
func (MfaPingidMapOutput) ElementType() reflect.Type
func (MfaPingidMapOutput) MapIndex ¶
func (o MfaPingidMapOutput) MapIndex(k pulumi.StringInput) MfaPingidOutput
func (MfaPingidMapOutput) ToMfaPingidMapOutput ¶
func (o MfaPingidMapOutput) ToMfaPingidMapOutput() MfaPingidMapOutput
func (MfaPingidMapOutput) ToMfaPingidMapOutputWithContext ¶
func (o MfaPingidMapOutput) ToMfaPingidMapOutputWithContext(ctx context.Context) MfaPingidMapOutput
type MfaPingidOutput ¶
type MfaPingidOutput struct{ *pulumi.OutputState }
func (MfaPingidOutput) AdminUrl ¶
func (o MfaPingidOutput) AdminUrl() pulumi.StringOutput
The admin URL, derived from "settingsFileBase64"
func (MfaPingidOutput) AuthenticatorUrl ¶
func (o MfaPingidOutput) AuthenticatorUrl() pulumi.StringOutput
A unique identifier of the organization, derived from "settingsFileBase64"
func (MfaPingidOutput) ElementType ¶
func (MfaPingidOutput) ElementType() reflect.Type
func (MfaPingidOutput) IdpUrl ¶
func (o MfaPingidOutput) IdpUrl() pulumi.StringOutput
The IDP URL, derived from "settingsFileBase64"
func (MfaPingidOutput) MethodId ¶
func (o MfaPingidOutput) MethodId() pulumi.StringOutput
Method ID.
func (MfaPingidOutput) MountAccessor ¶
func (o MfaPingidOutput) MountAccessor() pulumi.StringOutput
Mount accessor.
func (MfaPingidOutput) Namespace ¶
func (o MfaPingidOutput) Namespace() pulumi.StringPtrOutput
Target namespace. (requires Enterprise)
func (MfaPingidOutput) NamespaceId ¶
func (o MfaPingidOutput) NamespaceId() pulumi.StringOutput
Method's namespace ID.
func (MfaPingidOutput) NamespacePath ¶
func (o MfaPingidOutput) NamespacePath() pulumi.StringOutput
Method's namespace path.
func (MfaPingidOutput) OrgAlias ¶
func (o MfaPingidOutput) OrgAlias() pulumi.StringOutput
The name of the PingID client organization, derived from "settingsFileBase64"
func (MfaPingidOutput) SettingsFileBase64 ¶
func (o MfaPingidOutput) SettingsFileBase64() pulumi.StringOutput
A base64-encoded third-party settings contents as retrieved from PingID's configuration page.
func (MfaPingidOutput) ToMfaPingidOutput ¶
func (o MfaPingidOutput) ToMfaPingidOutput() MfaPingidOutput
func (MfaPingidOutput) ToMfaPingidOutputWithContext ¶
func (o MfaPingidOutput) ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidOutput
func (MfaPingidOutput) UseSignature ¶
func (o MfaPingidOutput) UseSignature() pulumi.BoolOutput
Use signature value, derived from "settingsFileBase64"
func (MfaPingidOutput) UsernameFormat ¶
func (o MfaPingidOutput) UsernameFormat() pulumi.StringPtrOutput
A template string for mapping Identity names to MFA methods.
type MfaPingidState ¶
type MfaPingidState struct { // The admin URL, derived from "settingsFileBase64" AdminUrl pulumi.StringPtrInput // A unique identifier of the organization, derived from "settingsFileBase64" AuthenticatorUrl pulumi.StringPtrInput // The IDP URL, derived from "settingsFileBase64" IdpUrl pulumi.StringPtrInput // Method ID. MethodId pulumi.StringPtrInput // Mount accessor. MountAccessor pulumi.StringPtrInput // Method name. Name pulumi.StringPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Method's namespace ID. NamespaceId pulumi.StringPtrInput // Method's namespace path. NamespacePath pulumi.StringPtrInput // The name of the PingID client organization, derived from "settingsFileBase64" OrgAlias pulumi.StringPtrInput // A base64-encoded third-party settings contents as retrieved from PingID's configuration page. SettingsFileBase64 pulumi.StringPtrInput // MFA type. Type pulumi.StringPtrInput // Use signature value, derived from "settingsFileBase64" UseSignature pulumi.BoolPtrInput // A template string for mapping Identity names to MFA methods. UsernameFormat pulumi.StringPtrInput // Resource UUID. Uuid pulumi.StringPtrInput }
func (MfaPingidState) ElementType ¶
func (MfaPingidState) ElementType() reflect.Type
type MfaTotp ¶
type MfaTotp struct { pulumi.CustomResourceState // Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512. Algorithm pulumi.StringPtrOutput `pulumi:"algorithm"` // The number of digits in the generated TOTP token. This value can either be 6 or 8 Digits pulumi.IntPtrOutput `pulumi:"digits"` // The name of the key's issuing organization. Issuer pulumi.StringOutput `pulumi:"issuer"` // Specifies the size in bytes of the generated key. KeySize pulumi.IntPtrOutput `pulumi:"keySize"` // The maximum number of consecutive failed validation attempts allowed. MaxValidationAttempts pulumi.IntPtrOutput `pulumi:"maxValidationAttempts"` // Method ID. MethodId pulumi.StringOutput `pulumi:"methodId"` // Mount accessor. MountAccessor pulumi.StringOutput `pulumi:"mountAccessor"` // Method name. Name pulumi.StringOutput `pulumi:"name"` // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Method's namespace ID. NamespaceId pulumi.StringOutput `pulumi:"namespaceId"` // Method's namespace path. NamespacePath pulumi.StringOutput `pulumi:"namespacePath"` // The length of time in seconds used to generate a counter for the TOTP token calculation. Period pulumi.IntPtrOutput `pulumi:"period"` // The pixel size of the generated square QR code. QrSize pulumi.IntOutput `pulumi:"qrSize"` // The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1. Skew pulumi.IntPtrOutput `pulumi:"skew"` // MFA type. Type pulumi.StringOutput `pulumi:"type"` // Resource UUID. Uuid pulumi.StringOutput `pulumi:"uuid"` }
Resource for configuring the totp MFA method.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewMfaTotp(ctx, "example", &identity.MfaTotpArgs{ Issuer: pulumi.String("issuer1"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
Resource can be imported using its `uuid` field, e.g.
```sh $ pulumi import vault:identity/mfaTotp:MfaTotp example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec ```
func GetMfaTotp ¶
func GetMfaTotp(ctx *pulumi.Context, name string, id pulumi.IDInput, state *MfaTotpState, opts ...pulumi.ResourceOption) (*MfaTotp, error)
GetMfaTotp gets an existing MfaTotp resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewMfaTotp ¶
func NewMfaTotp(ctx *pulumi.Context, name string, args *MfaTotpArgs, opts ...pulumi.ResourceOption) (*MfaTotp, error)
NewMfaTotp registers a new resource with the given unique name, arguments, and options.
func (*MfaTotp) ElementType ¶
func (*MfaTotp) ToMfaTotpOutput ¶
func (i *MfaTotp) ToMfaTotpOutput() MfaTotpOutput
func (*MfaTotp) ToMfaTotpOutputWithContext ¶
func (i *MfaTotp) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput
type MfaTotpArgs ¶
type MfaTotpArgs struct { // Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512. Algorithm pulumi.StringPtrInput // The number of digits in the generated TOTP token. This value can either be 6 or 8 Digits pulumi.IntPtrInput // The name of the key's issuing organization. Issuer pulumi.StringInput // Specifies the size in bytes of the generated key. KeySize pulumi.IntPtrInput // The maximum number of consecutive failed validation attempts allowed. MaxValidationAttempts pulumi.IntPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // The length of time in seconds used to generate a counter for the TOTP token calculation. Period pulumi.IntPtrInput // The pixel size of the generated square QR code. QrSize pulumi.IntPtrInput // The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1. Skew pulumi.IntPtrInput }
The set of arguments for constructing a MfaTotp resource.
func (MfaTotpArgs) ElementType ¶
func (MfaTotpArgs) ElementType() reflect.Type
type MfaTotpArray ¶
type MfaTotpArray []MfaTotpInput
func (MfaTotpArray) ElementType ¶
func (MfaTotpArray) ElementType() reflect.Type
func (MfaTotpArray) ToMfaTotpArrayOutput ¶
func (i MfaTotpArray) ToMfaTotpArrayOutput() MfaTotpArrayOutput
func (MfaTotpArray) ToMfaTotpArrayOutputWithContext ¶
func (i MfaTotpArray) ToMfaTotpArrayOutputWithContext(ctx context.Context) MfaTotpArrayOutput
type MfaTotpArrayInput ¶
type MfaTotpArrayInput interface { pulumi.Input ToMfaTotpArrayOutput() MfaTotpArrayOutput ToMfaTotpArrayOutputWithContext(context.Context) MfaTotpArrayOutput }
MfaTotpArrayInput is an input type that accepts MfaTotpArray and MfaTotpArrayOutput values. You can construct a concrete instance of `MfaTotpArrayInput` via:
MfaTotpArray{ MfaTotpArgs{...} }
type MfaTotpArrayOutput ¶
type MfaTotpArrayOutput struct{ *pulumi.OutputState }
func (MfaTotpArrayOutput) ElementType ¶
func (MfaTotpArrayOutput) ElementType() reflect.Type
func (MfaTotpArrayOutput) Index ¶
func (o MfaTotpArrayOutput) Index(i pulumi.IntInput) MfaTotpOutput
func (MfaTotpArrayOutput) ToMfaTotpArrayOutput ¶
func (o MfaTotpArrayOutput) ToMfaTotpArrayOutput() MfaTotpArrayOutput
func (MfaTotpArrayOutput) ToMfaTotpArrayOutputWithContext ¶
func (o MfaTotpArrayOutput) ToMfaTotpArrayOutputWithContext(ctx context.Context) MfaTotpArrayOutput
type MfaTotpInput ¶
type MfaTotpInput interface { pulumi.Input ToMfaTotpOutput() MfaTotpOutput ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput }
type MfaTotpMap ¶
type MfaTotpMap map[string]MfaTotpInput
func (MfaTotpMap) ElementType ¶
func (MfaTotpMap) ElementType() reflect.Type
func (MfaTotpMap) ToMfaTotpMapOutput ¶
func (i MfaTotpMap) ToMfaTotpMapOutput() MfaTotpMapOutput
func (MfaTotpMap) ToMfaTotpMapOutputWithContext ¶
func (i MfaTotpMap) ToMfaTotpMapOutputWithContext(ctx context.Context) MfaTotpMapOutput
type MfaTotpMapInput ¶
type MfaTotpMapInput interface { pulumi.Input ToMfaTotpMapOutput() MfaTotpMapOutput ToMfaTotpMapOutputWithContext(context.Context) MfaTotpMapOutput }
MfaTotpMapInput is an input type that accepts MfaTotpMap and MfaTotpMapOutput values. You can construct a concrete instance of `MfaTotpMapInput` via:
MfaTotpMap{ "key": MfaTotpArgs{...} }
type MfaTotpMapOutput ¶
type MfaTotpMapOutput struct{ *pulumi.OutputState }
func (MfaTotpMapOutput) ElementType ¶
func (MfaTotpMapOutput) ElementType() reflect.Type
func (MfaTotpMapOutput) MapIndex ¶
func (o MfaTotpMapOutput) MapIndex(k pulumi.StringInput) MfaTotpOutput
func (MfaTotpMapOutput) ToMfaTotpMapOutput ¶
func (o MfaTotpMapOutput) ToMfaTotpMapOutput() MfaTotpMapOutput
func (MfaTotpMapOutput) ToMfaTotpMapOutputWithContext ¶
func (o MfaTotpMapOutput) ToMfaTotpMapOutputWithContext(ctx context.Context) MfaTotpMapOutput
type MfaTotpOutput ¶
type MfaTotpOutput struct{ *pulumi.OutputState }
func (MfaTotpOutput) Algorithm ¶
func (o MfaTotpOutput) Algorithm() pulumi.StringPtrOutput
Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512.
func (MfaTotpOutput) Digits ¶
func (o MfaTotpOutput) Digits() pulumi.IntPtrOutput
The number of digits in the generated TOTP token. This value can either be 6 or 8
func (MfaTotpOutput) ElementType ¶
func (MfaTotpOutput) ElementType() reflect.Type
func (MfaTotpOutput) Issuer ¶
func (o MfaTotpOutput) Issuer() pulumi.StringOutput
The name of the key's issuing organization.
func (MfaTotpOutput) KeySize ¶
func (o MfaTotpOutput) KeySize() pulumi.IntPtrOutput
Specifies the size in bytes of the generated key.
func (MfaTotpOutput) MaxValidationAttempts ¶
func (o MfaTotpOutput) MaxValidationAttempts() pulumi.IntPtrOutput
The maximum number of consecutive failed validation attempts allowed.
func (MfaTotpOutput) MountAccessor ¶
func (o MfaTotpOutput) MountAccessor() pulumi.StringOutput
Mount accessor.
func (MfaTotpOutput) Namespace ¶
func (o MfaTotpOutput) Namespace() pulumi.StringPtrOutput
Target namespace. (requires Enterprise)
func (MfaTotpOutput) NamespaceId ¶
func (o MfaTotpOutput) NamespaceId() pulumi.StringOutput
Method's namespace ID.
func (MfaTotpOutput) NamespacePath ¶
func (o MfaTotpOutput) NamespacePath() pulumi.StringOutput
Method's namespace path.
func (MfaTotpOutput) Period ¶
func (o MfaTotpOutput) Period() pulumi.IntPtrOutput
The length of time in seconds used to generate a counter for the TOTP token calculation.
func (MfaTotpOutput) QrSize ¶
func (o MfaTotpOutput) QrSize() pulumi.IntOutput
The pixel size of the generated square QR code.
func (MfaTotpOutput) Skew ¶
func (o MfaTotpOutput) Skew() pulumi.IntPtrOutput
The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1.
func (MfaTotpOutput) ToMfaTotpOutput ¶
func (o MfaTotpOutput) ToMfaTotpOutput() MfaTotpOutput
func (MfaTotpOutput) ToMfaTotpOutputWithContext ¶
func (o MfaTotpOutput) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput
type MfaTotpState ¶
type MfaTotpState struct { // Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512. Algorithm pulumi.StringPtrInput // The number of digits in the generated TOTP token. This value can either be 6 or 8 Digits pulumi.IntPtrInput // The name of the key's issuing organization. Issuer pulumi.StringPtrInput // Specifies the size in bytes of the generated key. KeySize pulumi.IntPtrInput // The maximum number of consecutive failed validation attempts allowed. MaxValidationAttempts pulumi.IntPtrInput // Method ID. MethodId pulumi.StringPtrInput // Mount accessor. MountAccessor pulumi.StringPtrInput // Method name. Name pulumi.StringPtrInput // Target namespace. (requires Enterprise) Namespace pulumi.StringPtrInput // Method's namespace ID. NamespaceId pulumi.StringPtrInput // Method's namespace path. NamespacePath pulumi.StringPtrInput // The length of time in seconds used to generate a counter for the TOTP token calculation. Period pulumi.IntPtrInput // The pixel size of the generated square QR code. QrSize pulumi.IntPtrInput // The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1. Skew pulumi.IntPtrInput // MFA type. Type pulumi.StringPtrInput // Resource UUID. Uuid pulumi.StringPtrInput }
func (MfaTotpState) ElementType ¶
func (MfaTotpState) ElementType() reflect.Type
type Oidc ¶
type Oidc struct { pulumi.CustomResourceState // Issuer URL to be used in the iss claim of the token. If not set, Vault's // `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains // scheme, host, and optionally, port number and path components, but no query or fragment // components. Issuer pulumi.StringOutput `pulumi:"issuer"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` }
Configure the [Identity Tokens Backend](https://www.vaultproject.io/docs/secrets/identity/index.html#identity-tokens).
The Identity secrets engine is the identity management solution for Vault. It internally maintains the clients who are recognized by Vault.
> **NOTE:** Each Vault server may only have one Identity Tokens Backend configuration. Multiple configurations of the resource against the same Vault server will cause a perpetual difference.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewOidc(ctx, "server", &identity.OidcArgs{ Issuer: pulumi.String("https://www.acme.com"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetOidc ¶
func GetOidc(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcState, opts ...pulumi.ResourceOption) (*Oidc, error)
GetOidc gets an existing Oidc resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidc ¶
func NewOidc(ctx *pulumi.Context, name string, args *OidcArgs, opts ...pulumi.ResourceOption) (*Oidc, error)
NewOidc registers a new resource with the given unique name, arguments, and options.
func (*Oidc) ElementType ¶
func (*Oidc) ToOidcOutput ¶
func (i *Oidc) ToOidcOutput() OidcOutput
func (*Oidc) ToOidcOutputWithContext ¶
func (i *Oidc) ToOidcOutputWithContext(ctx context.Context) OidcOutput
type OidcArgs ¶
type OidcArgs struct { // Issuer URL to be used in the iss claim of the token. If not set, Vault's // `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains // scheme, host, and optionally, port number and path components, but no query or fragment // components. Issuer pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
The set of arguments for constructing a Oidc resource.
func (OidcArgs) ElementType ¶
type OidcArray ¶
type OidcArray []OidcInput
func (OidcArray) ElementType ¶
func (OidcArray) ToOidcArrayOutput ¶
func (i OidcArray) ToOidcArrayOutput() OidcArrayOutput
func (OidcArray) ToOidcArrayOutputWithContext ¶
func (i OidcArray) ToOidcArrayOutputWithContext(ctx context.Context) OidcArrayOutput
type OidcArrayInput ¶
type OidcArrayInput interface { pulumi.Input ToOidcArrayOutput() OidcArrayOutput ToOidcArrayOutputWithContext(context.Context) OidcArrayOutput }
OidcArrayInput is an input type that accepts OidcArray and OidcArrayOutput values. You can construct a concrete instance of `OidcArrayInput` via:
OidcArray{ OidcArgs{...} }
type OidcArrayOutput ¶
type OidcArrayOutput struct{ *pulumi.OutputState }
func (OidcArrayOutput) ElementType ¶
func (OidcArrayOutput) ElementType() reflect.Type
func (OidcArrayOutput) Index ¶
func (o OidcArrayOutput) Index(i pulumi.IntInput) OidcOutput
func (OidcArrayOutput) ToOidcArrayOutput ¶
func (o OidcArrayOutput) ToOidcArrayOutput() OidcArrayOutput
func (OidcArrayOutput) ToOidcArrayOutputWithContext ¶
func (o OidcArrayOutput) ToOidcArrayOutputWithContext(ctx context.Context) OidcArrayOutput
type OidcAssignment ¶
type OidcAssignment struct { pulumi.CustomResourceState // A set of Vault entity IDs. EntityIds pulumi.StringArrayOutput `pulumi:"entityIds"` // A set of Vault group IDs. GroupIds pulumi.StringArrayOutput `pulumi:"groupIds"` // The name of the assignment. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` }
Manages OIDC Assignments in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) for more information.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { internal, err := identity.NewGroup(ctx, "internal", &identity.GroupArgs{ Type: pulumi.String("internal"), Policies: pulumi.StringArray{ pulumi.String("dev"), pulumi.String("test"), }, }) if err != nil { return err } test, err := identity.NewEntity(ctx, "test", &identity.EntityArgs{ Policies: pulumi.StringArray{ pulumi.String("test"), }, }) if err != nil { return err } _, err = identity.NewOidcAssignment(ctx, "default", &identity.OidcAssignmentArgs{ EntityIds: pulumi.StringArray{ test.ID(), }, GroupIds: pulumi.StringArray{ internal.ID(), }, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
OIDC Assignments can be imported using the `name`, e.g.
```sh $ pulumi import vault:identity/oidcAssignment:OidcAssignment default assignment ```
func GetOidcAssignment ¶
func GetOidcAssignment(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcAssignmentState, opts ...pulumi.ResourceOption) (*OidcAssignment, error)
GetOidcAssignment gets an existing OidcAssignment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidcAssignment ¶
func NewOidcAssignment(ctx *pulumi.Context, name string, args *OidcAssignmentArgs, opts ...pulumi.ResourceOption) (*OidcAssignment, error)
NewOidcAssignment registers a new resource with the given unique name, arguments, and options.
func (*OidcAssignment) ElementType ¶
func (*OidcAssignment) ElementType() reflect.Type
func (*OidcAssignment) ToOidcAssignmentOutput ¶
func (i *OidcAssignment) ToOidcAssignmentOutput() OidcAssignmentOutput
func (*OidcAssignment) ToOidcAssignmentOutputWithContext ¶
func (i *OidcAssignment) ToOidcAssignmentOutputWithContext(ctx context.Context) OidcAssignmentOutput
type OidcAssignmentArgs ¶
type OidcAssignmentArgs struct { // A set of Vault entity IDs. EntityIds pulumi.StringArrayInput // A set of Vault group IDs. GroupIds pulumi.StringArrayInput // The name of the assignment. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
The set of arguments for constructing a OidcAssignment resource.
func (OidcAssignmentArgs) ElementType ¶
func (OidcAssignmentArgs) ElementType() reflect.Type
type OidcAssignmentArray ¶
type OidcAssignmentArray []OidcAssignmentInput
func (OidcAssignmentArray) ElementType ¶
func (OidcAssignmentArray) ElementType() reflect.Type
func (OidcAssignmentArray) ToOidcAssignmentArrayOutput ¶
func (i OidcAssignmentArray) ToOidcAssignmentArrayOutput() OidcAssignmentArrayOutput
func (OidcAssignmentArray) ToOidcAssignmentArrayOutputWithContext ¶
func (i OidcAssignmentArray) ToOidcAssignmentArrayOutputWithContext(ctx context.Context) OidcAssignmentArrayOutput
type OidcAssignmentArrayInput ¶
type OidcAssignmentArrayInput interface { pulumi.Input ToOidcAssignmentArrayOutput() OidcAssignmentArrayOutput ToOidcAssignmentArrayOutputWithContext(context.Context) OidcAssignmentArrayOutput }
OidcAssignmentArrayInput is an input type that accepts OidcAssignmentArray and OidcAssignmentArrayOutput values. You can construct a concrete instance of `OidcAssignmentArrayInput` via:
OidcAssignmentArray{ OidcAssignmentArgs{...} }
type OidcAssignmentArrayOutput ¶
type OidcAssignmentArrayOutput struct{ *pulumi.OutputState }
func (OidcAssignmentArrayOutput) ElementType ¶
func (OidcAssignmentArrayOutput) ElementType() reflect.Type
func (OidcAssignmentArrayOutput) Index ¶
func (o OidcAssignmentArrayOutput) Index(i pulumi.IntInput) OidcAssignmentOutput
func (OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutput ¶
func (o OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutput() OidcAssignmentArrayOutput
func (OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutputWithContext ¶
func (o OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutputWithContext(ctx context.Context) OidcAssignmentArrayOutput
type OidcAssignmentInput ¶
type OidcAssignmentInput interface { pulumi.Input ToOidcAssignmentOutput() OidcAssignmentOutput ToOidcAssignmentOutputWithContext(ctx context.Context) OidcAssignmentOutput }
type OidcAssignmentMap ¶
type OidcAssignmentMap map[string]OidcAssignmentInput
func (OidcAssignmentMap) ElementType ¶
func (OidcAssignmentMap) ElementType() reflect.Type
func (OidcAssignmentMap) ToOidcAssignmentMapOutput ¶
func (i OidcAssignmentMap) ToOidcAssignmentMapOutput() OidcAssignmentMapOutput
func (OidcAssignmentMap) ToOidcAssignmentMapOutputWithContext ¶
func (i OidcAssignmentMap) ToOidcAssignmentMapOutputWithContext(ctx context.Context) OidcAssignmentMapOutput
type OidcAssignmentMapInput ¶
type OidcAssignmentMapInput interface { pulumi.Input ToOidcAssignmentMapOutput() OidcAssignmentMapOutput ToOidcAssignmentMapOutputWithContext(context.Context) OidcAssignmentMapOutput }
OidcAssignmentMapInput is an input type that accepts OidcAssignmentMap and OidcAssignmentMapOutput values. You can construct a concrete instance of `OidcAssignmentMapInput` via:
OidcAssignmentMap{ "key": OidcAssignmentArgs{...} }
type OidcAssignmentMapOutput ¶
type OidcAssignmentMapOutput struct{ *pulumi.OutputState }
func (OidcAssignmentMapOutput) ElementType ¶
func (OidcAssignmentMapOutput) ElementType() reflect.Type
func (OidcAssignmentMapOutput) MapIndex ¶
func (o OidcAssignmentMapOutput) MapIndex(k pulumi.StringInput) OidcAssignmentOutput
func (OidcAssignmentMapOutput) ToOidcAssignmentMapOutput ¶
func (o OidcAssignmentMapOutput) ToOidcAssignmentMapOutput() OidcAssignmentMapOutput
func (OidcAssignmentMapOutput) ToOidcAssignmentMapOutputWithContext ¶
func (o OidcAssignmentMapOutput) ToOidcAssignmentMapOutputWithContext(ctx context.Context) OidcAssignmentMapOutput
type OidcAssignmentOutput ¶
type OidcAssignmentOutput struct{ *pulumi.OutputState }
func (OidcAssignmentOutput) ElementType ¶
func (OidcAssignmentOutput) ElementType() reflect.Type
func (OidcAssignmentOutput) EntityIds ¶
func (o OidcAssignmentOutput) EntityIds() pulumi.StringArrayOutput
A set of Vault entity IDs.
func (OidcAssignmentOutput) GroupIds ¶
func (o OidcAssignmentOutput) GroupIds() pulumi.StringArrayOutput
A set of Vault group IDs.
func (OidcAssignmentOutput) Name ¶
func (o OidcAssignmentOutput) Name() pulumi.StringOutput
The name of the assignment.
func (OidcAssignmentOutput) Namespace ¶
func (o OidcAssignmentOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcAssignmentOutput) ToOidcAssignmentOutput ¶
func (o OidcAssignmentOutput) ToOidcAssignmentOutput() OidcAssignmentOutput
func (OidcAssignmentOutput) ToOidcAssignmentOutputWithContext ¶
func (o OidcAssignmentOutput) ToOidcAssignmentOutputWithContext(ctx context.Context) OidcAssignmentOutput
type OidcAssignmentState ¶
type OidcAssignmentState struct { // A set of Vault entity IDs. EntityIds pulumi.StringArrayInput // A set of Vault group IDs. GroupIds pulumi.StringArrayInput // The name of the assignment. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
func (OidcAssignmentState) ElementType ¶
func (OidcAssignmentState) ElementType() reflect.Type
type OidcClient ¶
type OidcClient struct { pulumi.CustomResourceState // The time-to-live for access tokens obtained by the client. AccessTokenTtl pulumi.IntOutput `pulumi:"accessTokenTtl"` // A list of assignment resources associated with the client. Assignments pulumi.StringArrayOutput `pulumi:"assignments"` // The Client ID returned by Vault. ClientId pulumi.StringOutput `pulumi:"clientId"` // The Client Secret Key returned by Vault. // For public OpenID Clients `clientSecret` is set to an empty string `""` ClientSecret pulumi.StringOutput `pulumi:"clientSecret"` // The client type based on its ability to maintain confidentiality of credentials. // The following client types are supported: `confidential`, `public`. Defaults to `confidential`. ClientType pulumi.StringOutput `pulumi:"clientType"` // The time-to-live for ID tokens obtained by the client. // The value should be less than the `verificationTtl` on the key. IdTokenTtl pulumi.IntOutput `pulumi:"idTokenTtl"` // A reference to a named key resource in Vault. // This cannot be modified after creation. If not provided, the `default` // key is used. Key pulumi.StringOutput `pulumi:"key"` // The name of the client. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Redirection URI values used by the client. // One of these values must exactly match the `redirectUri` parameter value // used in each authentication request. RedirectUris pulumi.StringArrayOutput `pulumi:"redirectUris"` }
Manages OIDC Clients in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) for more information.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { testOidcAssignment, err := identity.NewOidcAssignment(ctx, "testOidcAssignment", &identity.OidcAssignmentArgs{ EntityIds: pulumi.StringArray{ pulumi.String("ascbascas-2231a-sdfaa"), }, GroupIds: pulumi.StringArray{ pulumi.String("sajkdsad-32414-sfsada"), }, }) if err != nil { return err } _, err = identity.NewOidcClient(ctx, "testOidcClient", &identity.OidcClientArgs{ RedirectUris: pulumi.StringArray{ pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"), pulumi.String("http://127.0.0.1:8251/callback"), pulumi.String("http://127.0.0.1:8080/callback"), }, Assignments: pulumi.StringArray{ testOidcAssignment.Name, }, IdTokenTtl: pulumi.Int(2400), AccessTokenTtl: pulumi.Int(7200), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
OIDC Clients can be imported using the `name`, e.g.
```sh $ pulumi import vault:identity/oidcClient:OidcClient test my-app ```
func GetOidcClient ¶
func GetOidcClient(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcClientState, opts ...pulumi.ResourceOption) (*OidcClient, error)
GetOidcClient gets an existing OidcClient resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidcClient ¶
func NewOidcClient(ctx *pulumi.Context, name string, args *OidcClientArgs, opts ...pulumi.ResourceOption) (*OidcClient, error)
NewOidcClient registers a new resource with the given unique name, arguments, and options.
func (*OidcClient) ElementType ¶
func (*OidcClient) ElementType() reflect.Type
func (*OidcClient) ToOidcClientOutput ¶
func (i *OidcClient) ToOidcClientOutput() OidcClientOutput
func (*OidcClient) ToOidcClientOutputWithContext ¶
func (i *OidcClient) ToOidcClientOutputWithContext(ctx context.Context) OidcClientOutput
type OidcClientArgs ¶
type OidcClientArgs struct { // The time-to-live for access tokens obtained by the client. AccessTokenTtl pulumi.IntPtrInput // A list of assignment resources associated with the client. Assignments pulumi.StringArrayInput // The client type based on its ability to maintain confidentiality of credentials. // The following client types are supported: `confidential`, `public`. Defaults to `confidential`. ClientType pulumi.StringPtrInput // The time-to-live for ID tokens obtained by the client. // The value should be less than the `verificationTtl` on the key. IdTokenTtl pulumi.IntPtrInput // A reference to a named key resource in Vault. // This cannot be modified after creation. If not provided, the `default` // key is used. Key pulumi.StringPtrInput // The name of the client. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Redirection URI values used by the client. // One of these values must exactly match the `redirectUri` parameter value // used in each authentication request. RedirectUris pulumi.StringArrayInput }
The set of arguments for constructing a OidcClient resource.
func (OidcClientArgs) ElementType ¶
func (OidcClientArgs) ElementType() reflect.Type
type OidcClientArray ¶
type OidcClientArray []OidcClientInput
func (OidcClientArray) ElementType ¶
func (OidcClientArray) ElementType() reflect.Type
func (OidcClientArray) ToOidcClientArrayOutput ¶
func (i OidcClientArray) ToOidcClientArrayOutput() OidcClientArrayOutput
func (OidcClientArray) ToOidcClientArrayOutputWithContext ¶
func (i OidcClientArray) ToOidcClientArrayOutputWithContext(ctx context.Context) OidcClientArrayOutput
type OidcClientArrayInput ¶
type OidcClientArrayInput interface { pulumi.Input ToOidcClientArrayOutput() OidcClientArrayOutput ToOidcClientArrayOutputWithContext(context.Context) OidcClientArrayOutput }
OidcClientArrayInput is an input type that accepts OidcClientArray and OidcClientArrayOutput values. You can construct a concrete instance of `OidcClientArrayInput` via:
OidcClientArray{ OidcClientArgs{...} }
type OidcClientArrayOutput ¶
type OidcClientArrayOutput struct{ *pulumi.OutputState }
func (OidcClientArrayOutput) ElementType ¶
func (OidcClientArrayOutput) ElementType() reflect.Type
func (OidcClientArrayOutput) Index ¶
func (o OidcClientArrayOutput) Index(i pulumi.IntInput) OidcClientOutput
func (OidcClientArrayOutput) ToOidcClientArrayOutput ¶
func (o OidcClientArrayOutput) ToOidcClientArrayOutput() OidcClientArrayOutput
func (OidcClientArrayOutput) ToOidcClientArrayOutputWithContext ¶
func (o OidcClientArrayOutput) ToOidcClientArrayOutputWithContext(ctx context.Context) OidcClientArrayOutput
type OidcClientInput ¶
type OidcClientInput interface { pulumi.Input ToOidcClientOutput() OidcClientOutput ToOidcClientOutputWithContext(ctx context.Context) OidcClientOutput }
type OidcClientMap ¶
type OidcClientMap map[string]OidcClientInput
func (OidcClientMap) ElementType ¶
func (OidcClientMap) ElementType() reflect.Type
func (OidcClientMap) ToOidcClientMapOutput ¶
func (i OidcClientMap) ToOidcClientMapOutput() OidcClientMapOutput
func (OidcClientMap) ToOidcClientMapOutputWithContext ¶
func (i OidcClientMap) ToOidcClientMapOutputWithContext(ctx context.Context) OidcClientMapOutput
type OidcClientMapInput ¶
type OidcClientMapInput interface { pulumi.Input ToOidcClientMapOutput() OidcClientMapOutput ToOidcClientMapOutputWithContext(context.Context) OidcClientMapOutput }
OidcClientMapInput is an input type that accepts OidcClientMap and OidcClientMapOutput values. You can construct a concrete instance of `OidcClientMapInput` via:
OidcClientMap{ "key": OidcClientArgs{...} }
type OidcClientMapOutput ¶
type OidcClientMapOutput struct{ *pulumi.OutputState }
func (OidcClientMapOutput) ElementType ¶
func (OidcClientMapOutput) ElementType() reflect.Type
func (OidcClientMapOutput) MapIndex ¶
func (o OidcClientMapOutput) MapIndex(k pulumi.StringInput) OidcClientOutput
func (OidcClientMapOutput) ToOidcClientMapOutput ¶
func (o OidcClientMapOutput) ToOidcClientMapOutput() OidcClientMapOutput
func (OidcClientMapOutput) ToOidcClientMapOutputWithContext ¶
func (o OidcClientMapOutput) ToOidcClientMapOutputWithContext(ctx context.Context) OidcClientMapOutput
type OidcClientOutput ¶
type OidcClientOutput struct{ *pulumi.OutputState }
func (OidcClientOutput) AccessTokenTtl ¶
func (o OidcClientOutput) AccessTokenTtl() pulumi.IntOutput
The time-to-live for access tokens obtained by the client.
func (OidcClientOutput) Assignments ¶
func (o OidcClientOutput) Assignments() pulumi.StringArrayOutput
A list of assignment resources associated with the client.
func (OidcClientOutput) ClientId ¶
func (o OidcClientOutput) ClientId() pulumi.StringOutput
The Client ID returned by Vault.
func (OidcClientOutput) ClientSecret ¶
func (o OidcClientOutput) ClientSecret() pulumi.StringOutput
The Client Secret Key returned by Vault. For public OpenID Clients `clientSecret` is set to an empty string `""`
func (OidcClientOutput) ClientType ¶
func (o OidcClientOutput) ClientType() pulumi.StringOutput
The client type based on its ability to maintain confidentiality of credentials. The following client types are supported: `confidential`, `public`. Defaults to `confidential`.
func (OidcClientOutput) ElementType ¶
func (OidcClientOutput) ElementType() reflect.Type
func (OidcClientOutput) IdTokenTtl ¶
func (o OidcClientOutput) IdTokenTtl() pulumi.IntOutput
The time-to-live for ID tokens obtained by the client. The value should be less than the `verificationTtl` on the key.
func (OidcClientOutput) Key ¶
func (o OidcClientOutput) Key() pulumi.StringOutput
A reference to a named key resource in Vault. This cannot be modified after creation. If not provided, the `default` key is used.
func (OidcClientOutput) Name ¶
func (o OidcClientOutput) Name() pulumi.StringOutput
The name of the client.
func (OidcClientOutput) Namespace ¶
func (o OidcClientOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcClientOutput) RedirectUris ¶
func (o OidcClientOutput) RedirectUris() pulumi.StringArrayOutput
Redirection URI values used by the client. One of these values must exactly match the `redirectUri` parameter value used in each authentication request.
func (OidcClientOutput) ToOidcClientOutput ¶
func (o OidcClientOutput) ToOidcClientOutput() OidcClientOutput
func (OidcClientOutput) ToOidcClientOutputWithContext ¶
func (o OidcClientOutput) ToOidcClientOutputWithContext(ctx context.Context) OidcClientOutput
type OidcClientState ¶
type OidcClientState struct { // The time-to-live for access tokens obtained by the client. AccessTokenTtl pulumi.IntPtrInput // A list of assignment resources associated with the client. Assignments pulumi.StringArrayInput // The Client ID returned by Vault. ClientId pulumi.StringPtrInput // The Client Secret Key returned by Vault. // For public OpenID Clients `clientSecret` is set to an empty string `""` ClientSecret pulumi.StringPtrInput // The client type based on its ability to maintain confidentiality of credentials. // The following client types are supported: `confidential`, `public`. Defaults to `confidential`. ClientType pulumi.StringPtrInput // The time-to-live for ID tokens obtained by the client. // The value should be less than the `verificationTtl` on the key. IdTokenTtl pulumi.IntPtrInput // A reference to a named key resource in Vault. // This cannot be modified after creation. If not provided, the `default` // key is used. Key pulumi.StringPtrInput // The name of the client. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Redirection URI values used by the client. // One of these values must exactly match the `redirectUri` parameter value // used in each authentication request. RedirectUris pulumi.StringArrayInput }
func (OidcClientState) ElementType ¶
func (OidcClientState) ElementType() reflect.Type
type OidcInput ¶
type OidcInput interface { pulumi.Input ToOidcOutput() OidcOutput ToOidcOutputWithContext(ctx context.Context) OidcOutput }
type OidcKey ¶
type OidcKey struct { pulumi.CustomResourceState // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm pulumi.StringPtrOutput `pulumi:"algorithm"` // Array of role client ID allowed to use this key for signing. If // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds pulumi.StringArrayOutput `pulumi:"allowedClientIds"` // Name of the OIDC Key to create. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // How often to generate a new signing key in number of seconds RotationPeriod pulumi.IntPtrOutput `pulumi:"rotationPeriod"` // "Controls how long the public portion of a signing key will be // available for verification after being rotated in seconds. VerificationTtl pulumi.IntPtrOutput `pulumi:"verificationTtl"` }
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{ Algorithm: pulumi.String("RS256"), }) if err != nil { return err } roleOidcRole, err := identity.NewOidcRole(ctx, "roleOidcRole", &identity.OidcRoleArgs{ Key: key.Name, }) if err != nil { return err } _, err = identity.NewOidcKeyAllowedClientID(ctx, "roleOidcKeyAllowedClientID", &identity.OidcKeyAllowedClientIDArgs{ KeyName: key.Name, AllowedClientId: roleOidcRole.ClientId, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
The key can be imported with the key name, for example:
```sh $ pulumi import vault:identity/oidcKey:OidcKey key key ```
func GetOidcKey ¶
func GetOidcKey(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcKeyState, opts ...pulumi.ResourceOption) (*OidcKey, error)
GetOidcKey gets an existing OidcKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidcKey ¶
func NewOidcKey(ctx *pulumi.Context, name string, args *OidcKeyArgs, opts ...pulumi.ResourceOption) (*OidcKey, error)
NewOidcKey registers a new resource with the given unique name, arguments, and options.
func (*OidcKey) ElementType ¶
func (*OidcKey) ToOidcKeyOutput ¶
func (i *OidcKey) ToOidcKeyOutput() OidcKeyOutput
func (*OidcKey) ToOidcKeyOutputWithContext ¶
func (i *OidcKey) ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput
type OidcKeyAllowedClientID ¶
type OidcKeyAllowedClientID struct { pulumi.CustomResourceState // Client ID to allow usage with the OIDC named key AllowedClientId pulumi.StringOutput `pulumi:"allowedClientId"` // Name of the OIDC Key allow the Client ID. KeyName pulumi.StringOutput `pulumi:"keyName"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` }
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{ Algorithm: pulumi.String("RS256"), }) if err != nil { return err } roleOidcRole, err := identity.NewOidcRole(ctx, "roleOidcRole", &identity.OidcRoleArgs{ Key: key.Name, }) if err != nil { return err } _, err = identity.NewOidcKeyAllowedClientID(ctx, "roleOidcKeyAllowedClientID", &identity.OidcKeyAllowedClientIDArgs{ KeyName: key.Name, AllowedClientId: roleOidcRole.ClientId, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
func GetOidcKeyAllowedClientID ¶
func GetOidcKeyAllowedClientID(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcKeyAllowedClientIDState, opts ...pulumi.ResourceOption) (*OidcKeyAllowedClientID, error)
GetOidcKeyAllowedClientID gets an existing OidcKeyAllowedClientID resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidcKeyAllowedClientID ¶
func NewOidcKeyAllowedClientID(ctx *pulumi.Context, name string, args *OidcKeyAllowedClientIDArgs, opts ...pulumi.ResourceOption) (*OidcKeyAllowedClientID, error)
NewOidcKeyAllowedClientID registers a new resource with the given unique name, arguments, and options.
func (*OidcKeyAllowedClientID) ElementType ¶
func (*OidcKeyAllowedClientID) ElementType() reflect.Type
func (*OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutput ¶
func (i *OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutput() OidcKeyAllowedClientIDOutput
func (*OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutputWithContext ¶
func (i *OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDOutput
type OidcKeyAllowedClientIDArgs ¶
type OidcKeyAllowedClientIDArgs struct { // Client ID to allow usage with the OIDC named key AllowedClientId pulumi.StringInput // Name of the OIDC Key allow the Client ID. KeyName pulumi.StringInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
The set of arguments for constructing a OidcKeyAllowedClientID resource.
func (OidcKeyAllowedClientIDArgs) ElementType ¶
func (OidcKeyAllowedClientIDArgs) ElementType() reflect.Type
type OidcKeyAllowedClientIDArray ¶
type OidcKeyAllowedClientIDArray []OidcKeyAllowedClientIDInput
func (OidcKeyAllowedClientIDArray) ElementType ¶
func (OidcKeyAllowedClientIDArray) ElementType() reflect.Type
func (OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutput ¶
func (i OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput
func (OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutputWithContext ¶
func (i OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDArrayOutput
type OidcKeyAllowedClientIDArrayInput ¶
type OidcKeyAllowedClientIDArrayInput interface { pulumi.Input ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput ToOidcKeyAllowedClientIDArrayOutputWithContext(context.Context) OidcKeyAllowedClientIDArrayOutput }
OidcKeyAllowedClientIDArrayInput is an input type that accepts OidcKeyAllowedClientIDArray and OidcKeyAllowedClientIDArrayOutput values. You can construct a concrete instance of `OidcKeyAllowedClientIDArrayInput` via:
OidcKeyAllowedClientIDArray{ OidcKeyAllowedClientIDArgs{...} }
type OidcKeyAllowedClientIDArrayOutput ¶
type OidcKeyAllowedClientIDArrayOutput struct{ *pulumi.OutputState }
func (OidcKeyAllowedClientIDArrayOutput) ElementType ¶
func (OidcKeyAllowedClientIDArrayOutput) ElementType() reflect.Type
func (OidcKeyAllowedClientIDArrayOutput) Index ¶
func (o OidcKeyAllowedClientIDArrayOutput) Index(i pulumi.IntInput) OidcKeyAllowedClientIDOutput
func (OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutput ¶
func (o OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutput() OidcKeyAllowedClientIDArrayOutput
func (OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutputWithContext ¶
func (o OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDArrayOutput
type OidcKeyAllowedClientIDInput ¶
type OidcKeyAllowedClientIDInput interface { pulumi.Input ToOidcKeyAllowedClientIDOutput() OidcKeyAllowedClientIDOutput ToOidcKeyAllowedClientIDOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDOutput }
type OidcKeyAllowedClientIDMap ¶
type OidcKeyAllowedClientIDMap map[string]OidcKeyAllowedClientIDInput
func (OidcKeyAllowedClientIDMap) ElementType ¶
func (OidcKeyAllowedClientIDMap) ElementType() reflect.Type
func (OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutput ¶
func (i OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutput() OidcKeyAllowedClientIDMapOutput
func (OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutputWithContext ¶
func (i OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDMapOutput
type OidcKeyAllowedClientIDMapInput ¶
type OidcKeyAllowedClientIDMapInput interface { pulumi.Input ToOidcKeyAllowedClientIDMapOutput() OidcKeyAllowedClientIDMapOutput ToOidcKeyAllowedClientIDMapOutputWithContext(context.Context) OidcKeyAllowedClientIDMapOutput }
OidcKeyAllowedClientIDMapInput is an input type that accepts OidcKeyAllowedClientIDMap and OidcKeyAllowedClientIDMapOutput values. You can construct a concrete instance of `OidcKeyAllowedClientIDMapInput` via:
OidcKeyAllowedClientIDMap{ "key": OidcKeyAllowedClientIDArgs{...} }
type OidcKeyAllowedClientIDMapOutput ¶
type OidcKeyAllowedClientIDMapOutput struct{ *pulumi.OutputState }
func (OidcKeyAllowedClientIDMapOutput) ElementType ¶
func (OidcKeyAllowedClientIDMapOutput) ElementType() reflect.Type
func (OidcKeyAllowedClientIDMapOutput) MapIndex ¶
func (o OidcKeyAllowedClientIDMapOutput) MapIndex(k pulumi.StringInput) OidcKeyAllowedClientIDOutput
func (OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutput ¶
func (o OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutput() OidcKeyAllowedClientIDMapOutput
func (OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutputWithContext ¶
func (o OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDMapOutput
type OidcKeyAllowedClientIDOutput ¶
type OidcKeyAllowedClientIDOutput struct{ *pulumi.OutputState }
func (OidcKeyAllowedClientIDOutput) AllowedClientId ¶
func (o OidcKeyAllowedClientIDOutput) AllowedClientId() pulumi.StringOutput
Client ID to allow usage with the OIDC named key
func (OidcKeyAllowedClientIDOutput) ElementType ¶
func (OidcKeyAllowedClientIDOutput) ElementType() reflect.Type
func (OidcKeyAllowedClientIDOutput) KeyName ¶
func (o OidcKeyAllowedClientIDOutput) KeyName() pulumi.StringOutput
Name of the OIDC Key allow the Client ID.
func (OidcKeyAllowedClientIDOutput) Namespace ¶
func (o OidcKeyAllowedClientIDOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutput ¶
func (o OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutput() OidcKeyAllowedClientIDOutput
func (OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutputWithContext ¶
func (o OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutputWithContext(ctx context.Context) OidcKeyAllowedClientIDOutput
type OidcKeyAllowedClientIDState ¶
type OidcKeyAllowedClientIDState struct { // Client ID to allow usage with the OIDC named key AllowedClientId pulumi.StringPtrInput // Name of the OIDC Key allow the Client ID. KeyName pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
func (OidcKeyAllowedClientIDState) ElementType ¶
func (OidcKeyAllowedClientIDState) ElementType() reflect.Type
type OidcKeyArgs ¶
type OidcKeyArgs struct { // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm pulumi.StringPtrInput // Array of role client ID allowed to use this key for signing. If // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds pulumi.StringArrayInput // Name of the OIDC Key to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // How often to generate a new signing key in number of seconds RotationPeriod pulumi.IntPtrInput // "Controls how long the public portion of a signing key will be // available for verification after being rotated in seconds. VerificationTtl pulumi.IntPtrInput }
The set of arguments for constructing a OidcKey resource.
func (OidcKeyArgs) ElementType ¶
func (OidcKeyArgs) ElementType() reflect.Type
type OidcKeyArray ¶
type OidcKeyArray []OidcKeyInput
func (OidcKeyArray) ElementType ¶
func (OidcKeyArray) ElementType() reflect.Type
func (OidcKeyArray) ToOidcKeyArrayOutput ¶
func (i OidcKeyArray) ToOidcKeyArrayOutput() OidcKeyArrayOutput
func (OidcKeyArray) ToOidcKeyArrayOutputWithContext ¶
func (i OidcKeyArray) ToOidcKeyArrayOutputWithContext(ctx context.Context) OidcKeyArrayOutput
type OidcKeyArrayInput ¶
type OidcKeyArrayInput interface { pulumi.Input ToOidcKeyArrayOutput() OidcKeyArrayOutput ToOidcKeyArrayOutputWithContext(context.Context) OidcKeyArrayOutput }
OidcKeyArrayInput is an input type that accepts OidcKeyArray and OidcKeyArrayOutput values. You can construct a concrete instance of `OidcKeyArrayInput` via:
OidcKeyArray{ OidcKeyArgs{...} }
type OidcKeyArrayOutput ¶
type OidcKeyArrayOutput struct{ *pulumi.OutputState }
func (OidcKeyArrayOutput) ElementType ¶
func (OidcKeyArrayOutput) ElementType() reflect.Type
func (OidcKeyArrayOutput) Index ¶
func (o OidcKeyArrayOutput) Index(i pulumi.IntInput) OidcKeyOutput
func (OidcKeyArrayOutput) ToOidcKeyArrayOutput ¶
func (o OidcKeyArrayOutput) ToOidcKeyArrayOutput() OidcKeyArrayOutput
func (OidcKeyArrayOutput) ToOidcKeyArrayOutputWithContext ¶
func (o OidcKeyArrayOutput) ToOidcKeyArrayOutputWithContext(ctx context.Context) OidcKeyArrayOutput
type OidcKeyInput ¶
type OidcKeyInput interface { pulumi.Input ToOidcKeyOutput() OidcKeyOutput ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput }
type OidcKeyMap ¶
type OidcKeyMap map[string]OidcKeyInput
func (OidcKeyMap) ElementType ¶
func (OidcKeyMap) ElementType() reflect.Type
func (OidcKeyMap) ToOidcKeyMapOutput ¶
func (i OidcKeyMap) ToOidcKeyMapOutput() OidcKeyMapOutput
func (OidcKeyMap) ToOidcKeyMapOutputWithContext ¶
func (i OidcKeyMap) ToOidcKeyMapOutputWithContext(ctx context.Context) OidcKeyMapOutput
type OidcKeyMapInput ¶
type OidcKeyMapInput interface { pulumi.Input ToOidcKeyMapOutput() OidcKeyMapOutput ToOidcKeyMapOutputWithContext(context.Context) OidcKeyMapOutput }
OidcKeyMapInput is an input type that accepts OidcKeyMap and OidcKeyMapOutput values. You can construct a concrete instance of `OidcKeyMapInput` via:
OidcKeyMap{ "key": OidcKeyArgs{...} }
type OidcKeyMapOutput ¶
type OidcKeyMapOutput struct{ *pulumi.OutputState }
func (OidcKeyMapOutput) ElementType ¶
func (OidcKeyMapOutput) ElementType() reflect.Type
func (OidcKeyMapOutput) MapIndex ¶
func (o OidcKeyMapOutput) MapIndex(k pulumi.StringInput) OidcKeyOutput
func (OidcKeyMapOutput) ToOidcKeyMapOutput ¶
func (o OidcKeyMapOutput) ToOidcKeyMapOutput() OidcKeyMapOutput
func (OidcKeyMapOutput) ToOidcKeyMapOutputWithContext ¶
func (o OidcKeyMapOutput) ToOidcKeyMapOutputWithContext(ctx context.Context) OidcKeyMapOutput
type OidcKeyOutput ¶
type OidcKeyOutput struct{ *pulumi.OutputState }
func (OidcKeyOutput) Algorithm ¶
func (o OidcKeyOutput) Algorithm() pulumi.StringPtrOutput
Signing algorithm to use. Signing algorithm to use. Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA.
func (OidcKeyOutput) AllowedClientIds ¶
func (o OidcKeyOutput) AllowedClientIds() pulumi.StringArrayOutput
Array of role client ID allowed to use this key for signing. If empty, no roles are allowed. If `["*"]`, all roles are allowed.
func (OidcKeyOutput) ElementType ¶
func (OidcKeyOutput) ElementType() reflect.Type
func (OidcKeyOutput) Name ¶
func (o OidcKeyOutput) Name() pulumi.StringOutput
Name of the OIDC Key to create.
func (OidcKeyOutput) Namespace ¶
func (o OidcKeyOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcKeyOutput) RotationPeriod ¶
func (o OidcKeyOutput) RotationPeriod() pulumi.IntPtrOutput
How often to generate a new signing key in number of seconds
func (OidcKeyOutput) ToOidcKeyOutput ¶
func (o OidcKeyOutput) ToOidcKeyOutput() OidcKeyOutput
func (OidcKeyOutput) ToOidcKeyOutputWithContext ¶
func (o OidcKeyOutput) ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput
func (OidcKeyOutput) VerificationTtl ¶
func (o OidcKeyOutput) VerificationTtl() pulumi.IntPtrOutput
"Controls how long the public portion of a signing key will be available for verification after being rotated in seconds.
type OidcKeyState ¶
type OidcKeyState struct { // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm pulumi.StringPtrInput // Array of role client ID allowed to use this key for signing. If // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds pulumi.StringArrayInput // Name of the OIDC Key to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // How often to generate a new signing key in number of seconds RotationPeriod pulumi.IntPtrInput // "Controls how long the public portion of a signing key will be // available for verification after being rotated in seconds. VerificationTtl pulumi.IntPtrInput }
func (OidcKeyState) ElementType ¶
func (OidcKeyState) ElementType() reflect.Type
type OidcMap ¶
func (OidcMap) ElementType ¶
func (OidcMap) ToOidcMapOutput ¶
func (i OidcMap) ToOidcMapOutput() OidcMapOutput
func (OidcMap) ToOidcMapOutputWithContext ¶
func (i OidcMap) ToOidcMapOutputWithContext(ctx context.Context) OidcMapOutput
type OidcMapInput ¶
type OidcMapInput interface { pulumi.Input ToOidcMapOutput() OidcMapOutput ToOidcMapOutputWithContext(context.Context) OidcMapOutput }
OidcMapInput is an input type that accepts OidcMap and OidcMapOutput values. You can construct a concrete instance of `OidcMapInput` via:
OidcMap{ "key": OidcArgs{...} }
type OidcMapOutput ¶
type OidcMapOutput struct{ *pulumi.OutputState }
func (OidcMapOutput) ElementType ¶
func (OidcMapOutput) ElementType() reflect.Type
func (OidcMapOutput) MapIndex ¶
func (o OidcMapOutput) MapIndex(k pulumi.StringInput) OidcOutput
func (OidcMapOutput) ToOidcMapOutput ¶
func (o OidcMapOutput) ToOidcMapOutput() OidcMapOutput
func (OidcMapOutput) ToOidcMapOutputWithContext ¶
func (o OidcMapOutput) ToOidcMapOutputWithContext(ctx context.Context) OidcMapOutput
type OidcOutput ¶
type OidcOutput struct{ *pulumi.OutputState }
func (OidcOutput) ElementType ¶
func (OidcOutput) ElementType() reflect.Type
func (OidcOutput) Issuer ¶
func (o OidcOutput) Issuer() pulumi.StringOutput
Issuer URL to be used in the iss claim of the token. If not set, Vault's `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components, but no query or fragment components.
func (OidcOutput) Namespace ¶
func (o OidcOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcOutput) ToOidcOutput ¶
func (o OidcOutput) ToOidcOutput() OidcOutput
func (OidcOutput) ToOidcOutputWithContext ¶
func (o OidcOutput) ToOidcOutputWithContext(ctx context.Context) OidcOutput
type OidcProvider ¶
type OidcProvider struct { pulumi.CustomResourceState // The client IDs that are permitted to use the provider. // If empty, no clients are allowed. If `*`, all clients are allowed. AllowedClientIds pulumi.StringArrayOutput `pulumi:"allowedClientIds"` // Set to true if the issuer endpoint uses HTTPS. HttpsEnabled pulumi.BoolPtrOutput `pulumi:"httpsEnabled"` // Specifies what will be used as the `scheme://host:port` // component for the `iss` claim of ID tokens. This value is computed using the // `issuerHost` and `httpsEnabled` fields. Issuer pulumi.StringOutput `pulumi:"issuer"` // The host for the issuer. Can be either host or host:port. IssuerHost pulumi.StringPtrOutput `pulumi:"issuerHost"` // The name of the provider. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // The scopes available for requesting on the provider. ScopesSupporteds pulumi.StringArrayOutput `pulumi:"scopesSupporteds"` }
Manages OIDC Providers in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) for more information.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { testOidcKey, err := identity.NewOidcKey(ctx, "testOidcKey", &identity.OidcKeyArgs{ AllowedClientIds: pulumi.StringArray{ pulumi.String("*"), }, RotationPeriod: pulumi.Int(3600), VerificationTtl: pulumi.Int(3600), }) if err != nil { return err } testOidcAssignment, err := identity.NewOidcAssignment(ctx, "testOidcAssignment", &identity.OidcAssignmentArgs{ EntityIds: pulumi.StringArray{ pulumi.String("fake-ascbascas-2231a-sdfaa"), }, GroupIds: pulumi.StringArray{ pulumi.String("fake-sajkdsad-32414-sfsada"), }, }) if err != nil { return err } testOidcClient, err := identity.NewOidcClient(ctx, "testOidcClient", &identity.OidcClientArgs{ Key: testOidcKey.Name, RedirectUris: pulumi.StringArray{ pulumi.String("http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback"), pulumi.String("http://127.0.0.1:8251/callback"), pulumi.String("http://127.0.0.1:8080/callback"), }, Assignments: pulumi.StringArray{ testOidcAssignment.Name, }, IdTokenTtl: pulumi.Int(2400), AccessTokenTtl: pulumi.Int(7200), }) if err != nil { return err } tmpJSON0, err := json.Marshal(map[string]interface{}{ "groups": "{{identity.entity.groups.names}}", }) if err != nil { return err } json0 := string(tmpJSON0) testOidcScope, err := identity.NewOidcScope(ctx, "testOidcScope", &identity.OidcScopeArgs{ Template: pulumi.String(json0), Description: pulumi.String("Groups scope."), }) if err != nil { return err } _, err = identity.NewOidcProvider(ctx, "testOidcProvider", &identity.OidcProviderArgs{ HttpsEnabled: pulumi.Bool(false), IssuerHost: pulumi.String("127.0.0.1:8200"), AllowedClientIds: pulumi.StringArray{ testOidcClient.ClientId, }, ScopesSupporteds: pulumi.StringArray{ testOidcScope.Name, }, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
OIDC Providers can be imported using the `name`, e.g.
```sh $ pulumi import vault:identity/oidcProvider:OidcProvider test my-provider ```
func GetOidcProvider ¶
func GetOidcProvider(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcProviderState, opts ...pulumi.ResourceOption) (*OidcProvider, error)
GetOidcProvider gets an existing OidcProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidcProvider ¶
func NewOidcProvider(ctx *pulumi.Context, name string, args *OidcProviderArgs, opts ...pulumi.ResourceOption) (*OidcProvider, error)
NewOidcProvider registers a new resource with the given unique name, arguments, and options.
func (*OidcProvider) ElementType ¶
func (*OidcProvider) ElementType() reflect.Type
func (*OidcProvider) ToOidcProviderOutput ¶
func (i *OidcProvider) ToOidcProviderOutput() OidcProviderOutput
func (*OidcProvider) ToOidcProviderOutputWithContext ¶
func (i *OidcProvider) ToOidcProviderOutputWithContext(ctx context.Context) OidcProviderOutput
type OidcProviderArgs ¶
type OidcProviderArgs struct { // The client IDs that are permitted to use the provider. // If empty, no clients are allowed. If `*`, all clients are allowed. AllowedClientIds pulumi.StringArrayInput // Set to true if the issuer endpoint uses HTTPS. HttpsEnabled pulumi.BoolPtrInput // The host for the issuer. Can be either host or host:port. IssuerHost pulumi.StringPtrInput // The name of the provider. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The scopes available for requesting on the provider. ScopesSupporteds pulumi.StringArrayInput }
The set of arguments for constructing a OidcProvider resource.
func (OidcProviderArgs) ElementType ¶
func (OidcProviderArgs) ElementType() reflect.Type
type OidcProviderArray ¶
type OidcProviderArray []OidcProviderInput
func (OidcProviderArray) ElementType ¶
func (OidcProviderArray) ElementType() reflect.Type
func (OidcProviderArray) ToOidcProviderArrayOutput ¶
func (i OidcProviderArray) ToOidcProviderArrayOutput() OidcProviderArrayOutput
func (OidcProviderArray) ToOidcProviderArrayOutputWithContext ¶
func (i OidcProviderArray) ToOidcProviderArrayOutputWithContext(ctx context.Context) OidcProviderArrayOutput
type OidcProviderArrayInput ¶
type OidcProviderArrayInput interface { pulumi.Input ToOidcProviderArrayOutput() OidcProviderArrayOutput ToOidcProviderArrayOutputWithContext(context.Context) OidcProviderArrayOutput }
OidcProviderArrayInput is an input type that accepts OidcProviderArray and OidcProviderArrayOutput values. You can construct a concrete instance of `OidcProviderArrayInput` via:
OidcProviderArray{ OidcProviderArgs{...} }
type OidcProviderArrayOutput ¶
type OidcProviderArrayOutput struct{ *pulumi.OutputState }
func (OidcProviderArrayOutput) ElementType ¶
func (OidcProviderArrayOutput) ElementType() reflect.Type
func (OidcProviderArrayOutput) Index ¶
func (o OidcProviderArrayOutput) Index(i pulumi.IntInput) OidcProviderOutput
func (OidcProviderArrayOutput) ToOidcProviderArrayOutput ¶
func (o OidcProviderArrayOutput) ToOidcProviderArrayOutput() OidcProviderArrayOutput
func (OidcProviderArrayOutput) ToOidcProviderArrayOutputWithContext ¶
func (o OidcProviderArrayOutput) ToOidcProviderArrayOutputWithContext(ctx context.Context) OidcProviderArrayOutput
type OidcProviderInput ¶
type OidcProviderInput interface { pulumi.Input ToOidcProviderOutput() OidcProviderOutput ToOidcProviderOutputWithContext(ctx context.Context) OidcProviderOutput }
type OidcProviderMap ¶
type OidcProviderMap map[string]OidcProviderInput
func (OidcProviderMap) ElementType ¶
func (OidcProviderMap) ElementType() reflect.Type
func (OidcProviderMap) ToOidcProviderMapOutput ¶
func (i OidcProviderMap) ToOidcProviderMapOutput() OidcProviderMapOutput
func (OidcProviderMap) ToOidcProviderMapOutputWithContext ¶
func (i OidcProviderMap) ToOidcProviderMapOutputWithContext(ctx context.Context) OidcProviderMapOutput
type OidcProviderMapInput ¶
type OidcProviderMapInput interface { pulumi.Input ToOidcProviderMapOutput() OidcProviderMapOutput ToOidcProviderMapOutputWithContext(context.Context) OidcProviderMapOutput }
OidcProviderMapInput is an input type that accepts OidcProviderMap and OidcProviderMapOutput values. You can construct a concrete instance of `OidcProviderMapInput` via:
OidcProviderMap{ "key": OidcProviderArgs{...} }
type OidcProviderMapOutput ¶
type OidcProviderMapOutput struct{ *pulumi.OutputState }
func (OidcProviderMapOutput) ElementType ¶
func (OidcProviderMapOutput) ElementType() reflect.Type
func (OidcProviderMapOutput) MapIndex ¶
func (o OidcProviderMapOutput) MapIndex(k pulumi.StringInput) OidcProviderOutput
func (OidcProviderMapOutput) ToOidcProviderMapOutput ¶
func (o OidcProviderMapOutput) ToOidcProviderMapOutput() OidcProviderMapOutput
func (OidcProviderMapOutput) ToOidcProviderMapOutputWithContext ¶
func (o OidcProviderMapOutput) ToOidcProviderMapOutputWithContext(ctx context.Context) OidcProviderMapOutput
type OidcProviderOutput ¶
type OidcProviderOutput struct{ *pulumi.OutputState }
func (OidcProviderOutput) AllowedClientIds ¶
func (o OidcProviderOutput) AllowedClientIds() pulumi.StringArrayOutput
The client IDs that are permitted to use the provider. If empty, no clients are allowed. If `*`, all clients are allowed.
func (OidcProviderOutput) ElementType ¶
func (OidcProviderOutput) ElementType() reflect.Type
func (OidcProviderOutput) HttpsEnabled ¶
func (o OidcProviderOutput) HttpsEnabled() pulumi.BoolPtrOutput
Set to true if the issuer endpoint uses HTTPS.
func (OidcProviderOutput) Issuer ¶
func (o OidcProviderOutput) Issuer() pulumi.StringOutput
Specifies what will be used as the `scheme://host:port` component for the `iss` claim of ID tokens. This value is computed using the `issuerHost` and `httpsEnabled` fields.
func (OidcProviderOutput) IssuerHost ¶
func (o OidcProviderOutput) IssuerHost() pulumi.StringPtrOutput
The host for the issuer. Can be either host or host:port.
func (OidcProviderOutput) Name ¶
func (o OidcProviderOutput) Name() pulumi.StringOutput
The name of the provider.
func (OidcProviderOutput) Namespace ¶
func (o OidcProviderOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcProviderOutput) ScopesSupporteds ¶
func (o OidcProviderOutput) ScopesSupporteds() pulumi.StringArrayOutput
The scopes available for requesting on the provider.
func (OidcProviderOutput) ToOidcProviderOutput ¶
func (o OidcProviderOutput) ToOidcProviderOutput() OidcProviderOutput
func (OidcProviderOutput) ToOidcProviderOutputWithContext ¶
func (o OidcProviderOutput) ToOidcProviderOutputWithContext(ctx context.Context) OidcProviderOutput
type OidcProviderState ¶
type OidcProviderState struct { // The client IDs that are permitted to use the provider. // If empty, no clients are allowed. If `*`, all clients are allowed. AllowedClientIds pulumi.StringArrayInput // Set to true if the issuer endpoint uses HTTPS. HttpsEnabled pulumi.BoolPtrInput // Specifies what will be used as the `scheme://host:port` // component for the `iss` claim of ID tokens. This value is computed using the // `issuerHost` and `httpsEnabled` fields. Issuer pulumi.StringPtrInput // The host for the issuer. Can be either host or host:port. IssuerHost pulumi.StringPtrInput // The name of the provider. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The scopes available for requesting on the provider. ScopesSupporteds pulumi.StringArrayInput }
func (OidcProviderState) ElementType ¶
func (OidcProviderState) ElementType() reflect.Type
type OidcRole ¶
type OidcRole struct { pulumi.CustomResourceState // The value that will be included in the `aud` field of all the OIDC identity // tokens issued by this role ClientId pulumi.StringOutput `pulumi:"clientId"` // A configured named key, the key must already exist // before tokens can be issued. Key pulumi.StringOutput `pulumi:"key"` // Name of the OIDC Role to create. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // The template string to use for generating tokens. This may be in // string-ified JSON or base64 format. See the // [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates) // for the template format. Template pulumi.StringPtrOutput `pulumi:"template"` // TTL of the tokens generated against the role in number of seconds. Ttl pulumi.IntPtrOutput `pulumi:"ttl"` }
## Example Usage
You need to create a role with a named key. At creation time, the key can be created independently of the role. However, the key must exist before the role can be used to issue tokens. You must also configure the key with the role's Client ID to allow the role to use the key.
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { cfg := config.New(ctx, "") key := "key" if param := cfg.Get("key"); param != "" { key = param } role, err := identity.NewOidcRole(ctx, "role", &identity.OidcRoleArgs{ Key: pulumi.String(key), }) if err != nil { return err } _, err = identity.NewOidcKey(ctx, "keyOidcKey", &identity.OidcKeyArgs{ Algorithm: pulumi.String("RS256"), AllowedClientIds: pulumi.StringArray{ role.ClientId, }, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
If you want to create the key first before creating the role, you can use a separate resource to configure the allowed Client ID on the key.
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { key, err := identity.NewOidcKey(ctx, "key", &identity.OidcKeyArgs{ Algorithm: pulumi.String("RS256"), }) if err != nil { return err } roleOidcRole, err := identity.NewOidcRole(ctx, "roleOidcRole", &identity.OidcRoleArgs{ Key: key.Name, }) if err != nil { return err } _, err = identity.NewOidcKeyAllowedClientID(ctx, "roleOidcKeyAllowedClientID", &identity.OidcKeyAllowedClientIDArgs{ KeyName: key.Name, AllowedClientId: roleOidcRole.ClientId, }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
The key can be imported with the role name, for example:
```sh $ pulumi import vault:identity/oidcRole:OidcRole role role ```
func GetOidcRole ¶
func GetOidcRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcRoleState, opts ...pulumi.ResourceOption) (*OidcRole, error)
GetOidcRole gets an existing OidcRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidcRole ¶
func NewOidcRole(ctx *pulumi.Context, name string, args *OidcRoleArgs, opts ...pulumi.ResourceOption) (*OidcRole, error)
NewOidcRole registers a new resource with the given unique name, arguments, and options.
func (*OidcRole) ElementType ¶
func (*OidcRole) ToOidcRoleOutput ¶
func (i *OidcRole) ToOidcRoleOutput() OidcRoleOutput
func (*OidcRole) ToOidcRoleOutputWithContext ¶
func (i *OidcRole) ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutput
type OidcRoleArgs ¶
type OidcRoleArgs struct { // The value that will be included in the `aud` field of all the OIDC identity // tokens issued by this role ClientId pulumi.StringPtrInput // A configured named key, the key must already exist // before tokens can be issued. Key pulumi.StringInput // Name of the OIDC Role to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The template string to use for generating tokens. This may be in // string-ified JSON or base64 format. See the // [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates) // for the template format. Template pulumi.StringPtrInput // TTL of the tokens generated against the role in number of seconds. Ttl pulumi.IntPtrInput }
The set of arguments for constructing a OidcRole resource.
func (OidcRoleArgs) ElementType ¶
func (OidcRoleArgs) ElementType() reflect.Type
type OidcRoleArray ¶
type OidcRoleArray []OidcRoleInput
func (OidcRoleArray) ElementType ¶
func (OidcRoleArray) ElementType() reflect.Type
func (OidcRoleArray) ToOidcRoleArrayOutput ¶
func (i OidcRoleArray) ToOidcRoleArrayOutput() OidcRoleArrayOutput
func (OidcRoleArray) ToOidcRoleArrayOutputWithContext ¶
func (i OidcRoleArray) ToOidcRoleArrayOutputWithContext(ctx context.Context) OidcRoleArrayOutput
type OidcRoleArrayInput ¶
type OidcRoleArrayInput interface { pulumi.Input ToOidcRoleArrayOutput() OidcRoleArrayOutput ToOidcRoleArrayOutputWithContext(context.Context) OidcRoleArrayOutput }
OidcRoleArrayInput is an input type that accepts OidcRoleArray and OidcRoleArrayOutput values. You can construct a concrete instance of `OidcRoleArrayInput` via:
OidcRoleArray{ OidcRoleArgs{...} }
type OidcRoleArrayOutput ¶
type OidcRoleArrayOutput struct{ *pulumi.OutputState }
func (OidcRoleArrayOutput) ElementType ¶
func (OidcRoleArrayOutput) ElementType() reflect.Type
func (OidcRoleArrayOutput) Index ¶
func (o OidcRoleArrayOutput) Index(i pulumi.IntInput) OidcRoleOutput
func (OidcRoleArrayOutput) ToOidcRoleArrayOutput ¶
func (o OidcRoleArrayOutput) ToOidcRoleArrayOutput() OidcRoleArrayOutput
func (OidcRoleArrayOutput) ToOidcRoleArrayOutputWithContext ¶
func (o OidcRoleArrayOutput) ToOidcRoleArrayOutputWithContext(ctx context.Context) OidcRoleArrayOutput
type OidcRoleInput ¶
type OidcRoleInput interface { pulumi.Input ToOidcRoleOutput() OidcRoleOutput ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutput }
type OidcRoleMap ¶
type OidcRoleMap map[string]OidcRoleInput
func (OidcRoleMap) ElementType ¶
func (OidcRoleMap) ElementType() reflect.Type
func (OidcRoleMap) ToOidcRoleMapOutput ¶
func (i OidcRoleMap) ToOidcRoleMapOutput() OidcRoleMapOutput
func (OidcRoleMap) ToOidcRoleMapOutputWithContext ¶
func (i OidcRoleMap) ToOidcRoleMapOutputWithContext(ctx context.Context) OidcRoleMapOutput
type OidcRoleMapInput ¶
type OidcRoleMapInput interface { pulumi.Input ToOidcRoleMapOutput() OidcRoleMapOutput ToOidcRoleMapOutputWithContext(context.Context) OidcRoleMapOutput }
OidcRoleMapInput is an input type that accepts OidcRoleMap and OidcRoleMapOutput values. You can construct a concrete instance of `OidcRoleMapInput` via:
OidcRoleMap{ "key": OidcRoleArgs{...} }
type OidcRoleMapOutput ¶
type OidcRoleMapOutput struct{ *pulumi.OutputState }
func (OidcRoleMapOutput) ElementType ¶
func (OidcRoleMapOutput) ElementType() reflect.Type
func (OidcRoleMapOutput) MapIndex ¶
func (o OidcRoleMapOutput) MapIndex(k pulumi.StringInput) OidcRoleOutput
func (OidcRoleMapOutput) ToOidcRoleMapOutput ¶
func (o OidcRoleMapOutput) ToOidcRoleMapOutput() OidcRoleMapOutput
func (OidcRoleMapOutput) ToOidcRoleMapOutputWithContext ¶
func (o OidcRoleMapOutput) ToOidcRoleMapOutputWithContext(ctx context.Context) OidcRoleMapOutput
type OidcRoleOutput ¶
type OidcRoleOutput struct{ *pulumi.OutputState }
func (OidcRoleOutput) ClientId ¶
func (o OidcRoleOutput) ClientId() pulumi.StringOutput
The value that will be included in the `aud` field of all the OIDC identity tokens issued by this role
func (OidcRoleOutput) ElementType ¶
func (OidcRoleOutput) ElementType() reflect.Type
func (OidcRoleOutput) Key ¶
func (o OidcRoleOutput) Key() pulumi.StringOutput
A configured named key, the key must already exist before tokens can be issued.
func (OidcRoleOutput) Name ¶
func (o OidcRoleOutput) Name() pulumi.StringOutput
Name of the OIDC Role to create.
func (OidcRoleOutput) Namespace ¶
func (o OidcRoleOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcRoleOutput) Template ¶
func (o OidcRoleOutput) Template() pulumi.StringPtrOutput
The template string to use for generating tokens. This may be in string-ified JSON or base64 format. See the [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates) for the template format.
func (OidcRoleOutput) ToOidcRoleOutput ¶
func (o OidcRoleOutput) ToOidcRoleOutput() OidcRoleOutput
func (OidcRoleOutput) ToOidcRoleOutputWithContext ¶
func (o OidcRoleOutput) ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutput
func (OidcRoleOutput) Ttl ¶
func (o OidcRoleOutput) Ttl() pulumi.IntPtrOutput
TTL of the tokens generated against the role in number of seconds.
type OidcRoleState ¶
type OidcRoleState struct { // The value that will be included in the `aud` field of all the OIDC identity // tokens issued by this role ClientId pulumi.StringPtrInput // A configured named key, the key must already exist // before tokens can be issued. Key pulumi.StringPtrInput // Name of the OIDC Role to create. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The template string to use for generating tokens. This may be in // string-ified JSON or base64 format. See the // [documentation](https://www.vaultproject.io/docs/secrets/identity/index.html#token-contents-and-templates) // for the template format. Template pulumi.StringPtrInput // TTL of the tokens generated against the role in number of seconds. Ttl pulumi.IntPtrInput }
func (OidcRoleState) ElementType ¶
func (OidcRoleState) ElementType() reflect.Type
type OidcScope ¶
type OidcScope struct { pulumi.CustomResourceState // A description of the scope. Description pulumi.StringPtrOutput `pulumi:"description"` // The name of the scope. The `openid` scope name is reserved. Name pulumi.StringOutput `pulumi:"name"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON. Template pulumi.StringPtrOutput `pulumi:"template"` }
Manages OIDC Scopes in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-a-scope) for more information.
## Example Usage
<!--Start PulumiCodeChooser --> ```go package main
import (
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/identity" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := identity.NewOidcScope(ctx, "groups", &identity.OidcScopeArgs{ Description: pulumi.String("Vault OIDC Groups Scope"), Template: pulumi.String("{\"groups\":{{identity.entity.groups.names}}}"), }) if err != nil { return err } return nil }) }
``` <!--End PulumiCodeChooser -->
## Import
OIDC Scopes can be imported using the `name`, e.g.
```sh $ pulumi import vault:identity/oidcScope:OidcScope groups groups ```
func GetOidcScope ¶
func GetOidcScope(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OidcScopeState, opts ...pulumi.ResourceOption) (*OidcScope, error)
GetOidcScope gets an existing OidcScope resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOidcScope ¶
func NewOidcScope(ctx *pulumi.Context, name string, args *OidcScopeArgs, opts ...pulumi.ResourceOption) (*OidcScope, error)
NewOidcScope registers a new resource with the given unique name, arguments, and options.
func (*OidcScope) ElementType ¶
func (*OidcScope) ToOidcScopeOutput ¶
func (i *OidcScope) ToOidcScopeOutput() OidcScopeOutput
func (*OidcScope) ToOidcScopeOutputWithContext ¶
func (i *OidcScope) ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeOutput
type OidcScopeArgs ¶
type OidcScopeArgs struct { // A description of the scope. Description pulumi.StringPtrInput // The name of the scope. The `openid` scope name is reserved. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON. Template pulumi.StringPtrInput }
The set of arguments for constructing a OidcScope resource.
func (OidcScopeArgs) ElementType ¶
func (OidcScopeArgs) ElementType() reflect.Type
type OidcScopeArray ¶
type OidcScopeArray []OidcScopeInput
func (OidcScopeArray) ElementType ¶
func (OidcScopeArray) ElementType() reflect.Type
func (OidcScopeArray) ToOidcScopeArrayOutput ¶
func (i OidcScopeArray) ToOidcScopeArrayOutput() OidcScopeArrayOutput
func (OidcScopeArray) ToOidcScopeArrayOutputWithContext ¶
func (i OidcScopeArray) ToOidcScopeArrayOutputWithContext(ctx context.Context) OidcScopeArrayOutput
type OidcScopeArrayInput ¶
type OidcScopeArrayInput interface { pulumi.Input ToOidcScopeArrayOutput() OidcScopeArrayOutput ToOidcScopeArrayOutputWithContext(context.Context) OidcScopeArrayOutput }
OidcScopeArrayInput is an input type that accepts OidcScopeArray and OidcScopeArrayOutput values. You can construct a concrete instance of `OidcScopeArrayInput` via:
OidcScopeArray{ OidcScopeArgs{...} }
type OidcScopeArrayOutput ¶
type OidcScopeArrayOutput struct{ *pulumi.OutputState }
func (OidcScopeArrayOutput) ElementType ¶
func (OidcScopeArrayOutput) ElementType() reflect.Type
func (OidcScopeArrayOutput) Index ¶
func (o OidcScopeArrayOutput) Index(i pulumi.IntInput) OidcScopeOutput
func (OidcScopeArrayOutput) ToOidcScopeArrayOutput ¶
func (o OidcScopeArrayOutput) ToOidcScopeArrayOutput() OidcScopeArrayOutput
func (OidcScopeArrayOutput) ToOidcScopeArrayOutputWithContext ¶
func (o OidcScopeArrayOutput) ToOidcScopeArrayOutputWithContext(ctx context.Context) OidcScopeArrayOutput
type OidcScopeInput ¶
type OidcScopeInput interface { pulumi.Input ToOidcScopeOutput() OidcScopeOutput ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeOutput }
type OidcScopeMap ¶
type OidcScopeMap map[string]OidcScopeInput
func (OidcScopeMap) ElementType ¶
func (OidcScopeMap) ElementType() reflect.Type
func (OidcScopeMap) ToOidcScopeMapOutput ¶
func (i OidcScopeMap) ToOidcScopeMapOutput() OidcScopeMapOutput
func (OidcScopeMap) ToOidcScopeMapOutputWithContext ¶
func (i OidcScopeMap) ToOidcScopeMapOutputWithContext(ctx context.Context) OidcScopeMapOutput
type OidcScopeMapInput ¶
type OidcScopeMapInput interface { pulumi.Input ToOidcScopeMapOutput() OidcScopeMapOutput ToOidcScopeMapOutputWithContext(context.Context) OidcScopeMapOutput }
OidcScopeMapInput is an input type that accepts OidcScopeMap and OidcScopeMapOutput values. You can construct a concrete instance of `OidcScopeMapInput` via:
OidcScopeMap{ "key": OidcScopeArgs{...} }
type OidcScopeMapOutput ¶
type OidcScopeMapOutput struct{ *pulumi.OutputState }
func (OidcScopeMapOutput) ElementType ¶
func (OidcScopeMapOutput) ElementType() reflect.Type
func (OidcScopeMapOutput) MapIndex ¶
func (o OidcScopeMapOutput) MapIndex(k pulumi.StringInput) OidcScopeOutput
func (OidcScopeMapOutput) ToOidcScopeMapOutput ¶
func (o OidcScopeMapOutput) ToOidcScopeMapOutput() OidcScopeMapOutput
func (OidcScopeMapOutput) ToOidcScopeMapOutputWithContext ¶
func (o OidcScopeMapOutput) ToOidcScopeMapOutputWithContext(ctx context.Context) OidcScopeMapOutput
type OidcScopeOutput ¶
type OidcScopeOutput struct{ *pulumi.OutputState }
func (OidcScopeOutput) Description ¶
func (o OidcScopeOutput) Description() pulumi.StringPtrOutput
A description of the scope.
func (OidcScopeOutput) ElementType ¶
func (OidcScopeOutput) ElementType() reflect.Type
func (OidcScopeOutput) Name ¶
func (o OidcScopeOutput) Name() pulumi.StringOutput
The name of the scope. The `openid` scope name is reserved.
func (OidcScopeOutput) Namespace ¶
func (o OidcScopeOutput) Namespace() pulumi.StringPtrOutput
The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.
func (OidcScopeOutput) Template ¶
func (o OidcScopeOutput) Template() pulumi.StringPtrOutput
The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON.
func (OidcScopeOutput) ToOidcScopeOutput ¶
func (o OidcScopeOutput) ToOidcScopeOutput() OidcScopeOutput
func (OidcScopeOutput) ToOidcScopeOutputWithContext ¶
func (o OidcScopeOutput) ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeOutput
type OidcScopeState ¶
type OidcScopeState struct { // A description of the scope. Description pulumi.StringPtrInput // The name of the scope. The `openid` scope name is reserved. Name pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // The template string for the scope. This may be provided as escaped JSON or base64 encoded JSON. Template pulumi.StringPtrInput }
func (OidcScopeState) ElementType ¶
func (OidcScopeState) ElementType() reflect.Type
type OidcState ¶
type OidcState struct { // Issuer URL to be used in the iss claim of the token. If not set, Vault's // `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains // scheme, host, and optionally, port number and path components, but no query or fragment // components. Issuer pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput }
func (OidcState) ElementType ¶
Source Files ¶
- entity.go
- entityAlias.go
- entityPolicies.go
- getEntity.go
- getGroup.go
- getOidcClientCreds.go
- getOidcOpenidConfig.go
- getOidcPublicKeys.go
- group.go
- groupAlias.go
- groupMemberEntityIds.go
- groupMemberGroupIds.go
- groupPolicies.go
- init.go
- mfaDuo.go
- mfaLoginEnforcement.go
- mfaOkta.go
- mfaPingid.go
- mfaTotp.go
- oidc.go
- oidcAssignment.go
- oidcClient.go
- oidcKey.go
- oidcKeyAllowedClientID.go
- oidcProvider.go
- oidcRole.go
- oidcScope.go
- pulumiTypes.go