com.pulumi.mongodbatlas.LdapConfigurationArgs Maven / Gradle / Ivy
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.mongodbatlas;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import com.pulumi.exceptions.MissingRequiredPropertyException;
import com.pulumi.mongodbatlas.inputs.LdapConfigurationUserToDnMappingArgs;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
public final class LdapConfigurationArgs extends com.pulumi.resources.ResourceArgs {
public static final LdapConfigurationArgs Empty = new LdapConfigurationArgs();
/**
* Specifies whether user authentication with LDAP is enabled.
*
*/
@Import(name="authenticationEnabled", required=true)
private Output authenticationEnabled;
/**
* @return Specifies whether user authentication with LDAP is enabled.
*
*/
public Output authenticationEnabled() {
return this.authenticationEnabled;
}
/**
* Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
*
*/
@Import(name="authorizationEnabled")
private @Nullable Output authorizationEnabled;
/**
* @return Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
*
*/
public Optional> authorizationEnabled() {
return Optional.ofNullable(this.authorizationEnabled);
}
/**
* An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: `{USER}?memberOf?base`.
*
*/
@Import(name="authzQueryTemplate")
private @Nullable Output authzQueryTemplate;
/**
* @return An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: `{USER}?memberOf?base`.
*
*/
public Optional> authzQueryTemplate() {
return Optional.ofNullable(this.authzQueryTemplate);
}
/**
* The password used to authenticate the `bind_username`.
*
*/
@Import(name="bindPassword", required=true)
private Output bindPassword;
/**
* @return The password used to authenticate the `bind_username`.
*
*/
public Output bindPassword() {
return this.bindPassword;
}
/**
* The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as `CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com`.
*
*/
@Import(name="bindUsername", required=true)
private Output bindUsername;
/**
* @return The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as `CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com`.
*
*/
public Output bindUsername() {
return this.bindUsername;
}
/**
* CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
*
*/
@Import(name="caCertificate")
private @Nullable Output caCertificate;
/**
* @return CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
*
*/
public Optional> caCertificate() {
return Optional.ofNullable(this.caCertificate);
}
/**
* The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
*
*/
@Import(name="hostname", required=true)
private Output hostname;
/**
* @return The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
*
*/
public Output hostname() {
return this.hostname;
}
/**
* The port to which the LDAP server listens for client connections. Default: `636`
*
*/
@Import(name="port")
private @Nullable Output port;
/**
* @return The port to which the LDAP server listens for client connections. Default: `636`
*
*/
public Optional> port() {
return Optional.ofNullable(this.port);
}
/**
* The unique ID for the project to configure LDAP.
*
*/
@Import(name="projectId", required=true)
private Output projectId;
/**
* @return The unique ID for the project to configure LDAP.
*
*/
public Output projectId() {
return this.projectId;
}
/**
* Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a `match` regular expression and either a `substitution` or `ldap_query` template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the `match` filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the [MongoDB Atlas API Reference](https://docs.atlas.mongodb.com/reference/api/ldaps-configuration-save/).
* * `user_to_dn_mapping.0.match` - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the `substitution` or `ldap_query` template.
* * `user_to_dn_mapping.0.substitution` - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the `match` regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
* * `user_to_dn_mapping.0.ldap_query` - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the `match` regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
*
*/
@Import(name="userToDnMappings")
private @Nullable Output> userToDnMappings;
/**
* @return Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a `match` regular expression and either a `substitution` or `ldap_query` template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the `match` filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the [MongoDB Atlas API Reference](https://docs.atlas.mongodb.com/reference/api/ldaps-configuration-save/).
* * `user_to_dn_mapping.0.match` - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the `substitution` or `ldap_query` template.
* * `user_to_dn_mapping.0.substitution` - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the `match` regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
* * `user_to_dn_mapping.0.ldap_query` - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the `match` regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
*
*/
public Optional>> userToDnMappings() {
return Optional.ofNullable(this.userToDnMappings);
}
private LdapConfigurationArgs() {}
private LdapConfigurationArgs(LdapConfigurationArgs $) {
this.authenticationEnabled = $.authenticationEnabled;
this.authorizationEnabled = $.authorizationEnabled;
this.authzQueryTemplate = $.authzQueryTemplate;
this.bindPassword = $.bindPassword;
this.bindUsername = $.bindUsername;
this.caCertificate = $.caCertificate;
this.hostname = $.hostname;
this.port = $.port;
this.projectId = $.projectId;
this.userToDnMappings = $.userToDnMappings;
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(LdapConfigurationArgs defaults) {
return new Builder(defaults);
}
public static final class Builder {
private LdapConfigurationArgs $;
public Builder() {
$ = new LdapConfigurationArgs();
}
public Builder(LdapConfigurationArgs defaults) {
$ = new LdapConfigurationArgs(Objects.requireNonNull(defaults));
}
/**
* @param authenticationEnabled Specifies whether user authentication with LDAP is enabled.
*
* @return builder
*
*/
public Builder authenticationEnabled(Output authenticationEnabled) {
$.authenticationEnabled = authenticationEnabled;
return this;
}
/**
* @param authenticationEnabled Specifies whether user authentication with LDAP is enabled.
*
* @return builder
*
*/
public Builder authenticationEnabled(Boolean authenticationEnabled) {
return authenticationEnabled(Output.of(authenticationEnabled));
}
/**
* @param authorizationEnabled Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
*
* @return builder
*
*/
public Builder authorizationEnabled(@Nullable Output authorizationEnabled) {
$.authorizationEnabled = authorizationEnabled;
return this;
}
/**
* @param authorizationEnabled Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP.
*
* @return builder
*
*/
public Builder authorizationEnabled(Boolean authorizationEnabled) {
return authorizationEnabled(Output.of(authorizationEnabled));
}
/**
* @param authzQueryTemplate An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: `{USER}?memberOf?base`.
*
* @return builder
*
*/
public Builder authzQueryTemplate(@Nullable Output authzQueryTemplate) {
$.authzQueryTemplate = authzQueryTemplate;
return this;
}
/**
* @param authzQueryTemplate An LDAP query template that Atlas executes to obtain the LDAP groups to which the authenticated user belongs. Used only for user authorization. Use the {USER} placeholder in the URL to substitute the authenticated username. The query is relative to the host specified with hostname. The formatting for the query must conform to RFC4515 and RFC 4516. If you do not provide a query template, Atlas attempts to use the default value: `{USER}?memberOf?base`.
*
* @return builder
*
*/
public Builder authzQueryTemplate(String authzQueryTemplate) {
return authzQueryTemplate(Output.of(authzQueryTemplate));
}
/**
* @param bindPassword The password used to authenticate the `bind_username`.
*
* @return builder
*
*/
public Builder bindPassword(Output bindPassword) {
$.bindPassword = bindPassword;
return this;
}
/**
* @param bindPassword The password used to authenticate the `bind_username`.
*
* @return builder
*
*/
public Builder bindPassword(String bindPassword) {
return bindPassword(Output.of(bindPassword));
}
/**
* @param bindUsername The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as `CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com`.
*
* @return builder
*
*/
public Builder bindUsername(Output bindUsername) {
$.bindUsername = bindUsername;
return this;
}
/**
* @param bindUsername The user DN that Atlas uses to connect to the LDAP server. Must be the full DN, such as `CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com`.
*
* @return builder
*
*/
public Builder bindUsername(String bindUsername) {
return bindUsername(Output.of(bindUsername));
}
/**
* @param caCertificate CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
*
* @return builder
*
*/
public Builder caCertificate(@Nullable Output caCertificate) {
$.caCertificate = caCertificate;
return this;
}
/**
* @param caCertificate CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed.
*
* @return builder
*
*/
public Builder caCertificate(String caCertificate) {
return caCertificate(Output.of(caCertificate));
}
/**
* @param hostname The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
*
* @return builder
*
*/
public Builder hostname(Output hostname) {
$.hostname = hostname;
return this;
}
/**
* @param hostname The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering.
*
* @return builder
*
*/
public Builder hostname(String hostname) {
return hostname(Output.of(hostname));
}
/**
* @param port The port to which the LDAP server listens for client connections. Default: `636`
*
* @return builder
*
*/
public Builder port(@Nullable Output port) {
$.port = port;
return this;
}
/**
* @param port The port to which the LDAP server listens for client connections. Default: `636`
*
* @return builder
*
*/
public Builder port(Integer port) {
return port(Output.of(port));
}
/**
* @param projectId The unique ID for the project to configure LDAP.
*
* @return builder
*
*/
public Builder projectId(Output projectId) {
$.projectId = projectId;
return this;
}
/**
* @param projectId The unique ID for the project to configure LDAP.
*
* @return builder
*
*/
public Builder projectId(String projectId) {
return projectId(Output.of(projectId));
}
/**
* @param userToDnMappings Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a `match` regular expression and either a `substitution` or `ldap_query` template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the `match` filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the [MongoDB Atlas API Reference](https://docs.atlas.mongodb.com/reference/api/ldaps-configuration-save/).
* * `user_to_dn_mapping.0.match` - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the `substitution` or `ldap_query` template.
* * `user_to_dn_mapping.0.substitution` - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the `match` regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
* * `user_to_dn_mapping.0.ldap_query` - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the `match` regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
*
* @return builder
*
*/
public Builder userToDnMappings(@Nullable Output> userToDnMappings) {
$.userToDnMappings = userToDnMappings;
return this;
}
/**
* @param userToDnMappings Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a `match` regular expression and either a `substitution` or `ldap_query` template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the `match` filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the [MongoDB Atlas API Reference](https://docs.atlas.mongodb.com/reference/api/ldaps-configuration-save/).
* * `user_to_dn_mapping.0.match` - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the `substitution` or `ldap_query` template.
* * `user_to_dn_mapping.0.substitution` - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the `match` regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
* * `user_to_dn_mapping.0.ldap_query` - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the `match` regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
*
* @return builder
*
*/
public Builder userToDnMappings(List userToDnMappings) {
return userToDnMappings(Output.of(userToDnMappings));
}
/**
* @param userToDnMappings Maps an LDAP username for authentication to an LDAP Distinguished Name (DN). Each document contains a `match` regular expression and either a `substitution` or `ldap_query` template used to transform the LDAP username extracted from the regular expression. Atlas steps through the each document in the array in the given order, checking the authentication username against the `match` filter. If a match is found, Atlas applies the transformation and uses the output to authenticate the user. Atlas does not check the remaining documents in the array. For more details and examples see the [MongoDB Atlas API Reference](https://docs.atlas.mongodb.com/reference/api/ldaps-configuration-save/).
* * `user_to_dn_mapping.0.match` - (Optional) A regular expression to match against a provided LDAP username. Each parenthesis-enclosed section represents a regular expression capture group used by the `substitution` or `ldap_query` template.
* * `user_to_dn_mapping.0.substitution` - (Optional) An LDAP Distinguished Name (DN) formatting template that converts the LDAP name matched by the `match` regular expression into an LDAP Distinguished Name. Each bracket-enclosed numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
* * `user_to_dn_mapping.0.ldap_query` - (Optional) An LDAP query formatting template that inserts the LDAP name matched by the `match` regular expression into an LDAP query URI as specified by RFC 4515 and RFC 4516. Each numeric value is replaced by the corresponding regular expression capture group extracted from the LDAP username that matched the `match` regular expression.
*
* @return builder
*
*/
public Builder userToDnMappings(LdapConfigurationUserToDnMappingArgs... userToDnMappings) {
return userToDnMappings(List.of(userToDnMappings));
}
public LdapConfigurationArgs build() {
if ($.authenticationEnabled == null) {
throw new MissingRequiredPropertyException("LdapConfigurationArgs", "authenticationEnabled");
}
if ($.bindPassword == null) {
throw new MissingRequiredPropertyException("LdapConfigurationArgs", "bindPassword");
}
if ($.bindUsername == null) {
throw new MissingRequiredPropertyException("LdapConfigurationArgs", "bindUsername");
}
if ($.hostname == null) {
throw new MissingRequiredPropertyException("LdapConfigurationArgs", "hostname");
}
if ($.projectId == null) {
throw new MissingRequiredPropertyException("LdapConfigurationArgs", "projectId");
}
return $;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy