com.pulumi.nomad.inputs.AclAuthMethodConfigArgs Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of nomad Show documentation
Show all versions of nomad Show documentation
A Pulumi package for creating and managing nomad cloud resources.
The newest version!
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.nomad.inputs;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import java.lang.Boolean;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
public final class AclAuthMethodConfigArgs extends com.pulumi.resources.ResourceArgs {
public static final AclAuthMethodConfigArgs Empty = new AclAuthMethodConfigArgs();
/**
* `([]string: <optional>)` - A list of allowed values
* that can be used for the redirect URI.
*
*/
@Import(name="allowedRedirectUris")
private @Nullable Output> allowedRedirectUris;
/**
* @return `([]string: <optional>)` - A list of allowed values
* that can be used for the redirect URI.
*
*/
public Optional>> allowedRedirectUris() {
return Optional.ofNullable(this.allowedRedirectUris);
}
/**
* `([]string: <optional>)` - List of auth claims that are
* valid for login.
*
*/
@Import(name="boundAudiences")
private @Nullable Output> boundAudiences;
/**
* @return `([]string: <optional>)` - List of auth claims that are
* valid for login.
*
*/
public Optional>> boundAudiences() {
return Optional.ofNullable(this.boundAudiences);
}
/**
* `([]string: <optional>)` - The value against which to match
* the iss claim in a JWT.
*
*/
@Import(name="boundIssuers")
private @Nullable Output> boundIssuers;
/**
* @return `([]string: <optional>)` - The value against which to match
* the iss claim in a JWT.
*
*/
public Optional>> boundIssuers() {
return Optional.ofNullable(this.boundIssuers);
}
/**
* Mappings of claims (key) that will be copied to a metadata field (value).
*
*/
@Import(name="claimMappings")
private @Nullable Output> claimMappings;
/**
* @return Mappings of claims (key) that will be copied to a metadata field (value).
*
*/
public Optional>> claimMappings() {
return Optional.ofNullable(this.claimMappings);
}
/**
* `(string: <optional>)` - Duration of leeway when validating
* all claims in the form of a time duration such as "5m" or "1h".
*
*/
@Import(name="clockSkewLeeway")
private @Nullable Output clockSkewLeeway;
/**
* @return `(string: <optional>)` - Duration of leeway when validating
* all claims in the form of a time duration such as "5m" or "1h".
*
*/
public Optional> clockSkewLeeway() {
return Optional.ofNullable(this.clockSkewLeeway);
}
/**
* `([]string: <optional>)` - PEM encoded CA certs for use
* by the TLS client used to talk with the OIDC Discovery URL.
*
*/
@Import(name="discoveryCaPems")
private @Nullable Output> discoveryCaPems;
/**
* @return `([]string: <optional>)` - PEM encoded CA certs for use
* by the TLS client used to talk with the OIDC Discovery URL.
*
*/
public Optional>> discoveryCaPems() {
return Optional.ofNullable(this.discoveryCaPems);
}
/**
* `(string: <optional>)` - Duration of leeway when validating
* expiration of a JWT in the form of a time duration such as "5m" or "1h".
*
*/
@Import(name="expirationLeeway")
private @Nullable Output expirationLeeway;
/**
* @return `(string: <optional>)` - Duration of leeway when validating
* expiration of a JWT in the form of a time duration such as "5m" or "1h".
*
*/
public Optional> expirationLeeway() {
return Optional.ofNullable(this.expirationLeeway);
}
/**
* `(string: <optional>)` - PEM encoded CA cert for use by the
* TLS client used to talk with the JWKS server.
*
*/
@Import(name="jwksCaCert")
private @Nullable Output jwksCaCert;
/**
* @return `(string: <optional>)` - PEM encoded CA cert for use by the
* TLS client used to talk with the JWKS server.
*
*/
public Optional> jwksCaCert() {
return Optional.ofNullable(this.jwksCaCert);
}
/**
* `(string: <optional>)` - JSON Web Key Sets url for authenticating
* signatures.
*
*/
@Import(name="jwksUrl")
private @Nullable Output jwksUrl;
/**
* @return `(string: <optional>)` - JSON Web Key Sets url for authenticating
* signatures.
*
*/
public Optional> jwksUrl() {
return Optional.ofNullable(this.jwksUrl);
}
/**
* `([]string: <optional>)` - List of PEM-encoded
* public keys to use to authenticate signatures locally.
*
*/
@Import(name="jwtValidationPubKeys")
private @Nullable Output> jwtValidationPubKeys;
/**
* @return `([]string: <optional>)` - List of PEM-encoded
* public keys to use to authenticate signatures locally.
*
*/
public Optional>> jwtValidationPubKeys() {
return Optional.ofNullable(this.jwtValidationPubKeys);
}
/**
* Mappings of list claims (key) that will be copied to a metadata field (value).
*
*/
@Import(name="listClaimMappings")
private @Nullable Output> listClaimMappings;
/**
* @return Mappings of list claims (key) that will be copied to a metadata field (value).
*
*/
public Optional>> listClaimMappings() {
return Optional.ofNullable(this.listClaimMappings);
}
/**
* `(string: <optional>)` - Duration of leeway when validating
* not before values of a token in the form of a time duration such as "5m" or "1h".
*
*/
@Import(name="notBeforeLeeway")
private @Nullable Output notBeforeLeeway;
/**
* @return `(string: <optional>)` - Duration of leeway when validating
* not before values of a token in the form of a time duration such as "5m" or "1h".
*
*/
public Optional> notBeforeLeeway() {
return Optional.ofNullable(this.notBeforeLeeway);
}
/**
* `(string: <optional>)` - The OAuth Client ID configured
* with the OIDC provider.
*
*/
@Import(name="oidcClientId")
private @Nullable Output oidcClientId;
/**
* @return `(string: <optional>)` - The OAuth Client ID configured
* with the OIDC provider.
*
*/
public Optional> oidcClientId() {
return Optional.ofNullable(this.oidcClientId);
}
/**
* `(string: <optional>)` - The OAuth Client Secret
* configured with the OIDC provider.
*
*/
@Import(name="oidcClientSecret")
private @Nullable Output oidcClientSecret;
/**
* @return `(string: <optional>)` - The OAuth Client Secret
* configured with the OIDC provider.
*
*/
public Optional> oidcClientSecret() {
return Optional.ofNullable(this.oidcClientSecret);
}
/**
* `(bool: false)` - When set to `true`, Nomad will
* not make a request to the identity provider to get OIDC `UserInfo`.
* You may wish to set this if your identity provider doesn't send any
* additional claims from the `UserInfo` endpoint.
*
*/
@Import(name="oidcDisableUserinfo")
private @Nullable Output oidcDisableUserinfo;
/**
* @return `(bool: false)` - When set to `true`, Nomad will
* not make a request to the identity provider to get OIDC `UserInfo`.
* You may wish to set this if your identity provider doesn't send any
* additional claims from the `UserInfo` endpoint.
*
*/
public Optional> oidcDisableUserinfo() {
return Optional.ofNullable(this.oidcDisableUserinfo);
}
/**
* `(string: <optional>)` - The OIDC Discovery URL,
* without any .well-known component (base path).
*
*/
@Import(name="oidcDiscoveryUrl")
private @Nullable Output oidcDiscoveryUrl;
/**
* @return `(string: <optional>)` - The OIDC Discovery URL,
* without any .well-known component (base path).
*
*/
public Optional> oidcDiscoveryUrl() {
return Optional.ofNullable(this.oidcDiscoveryUrl);
}
/**
* `([]string: <optional>)` - List of OIDC scopes.
*
*/
@Import(name="oidcScopes")
private @Nullable Output> oidcScopes;
/**
* @return `([]string: <optional>)` - List of OIDC scopes.
*
*/
public Optional>> oidcScopes() {
return Optional.ofNullable(this.oidcScopes);
}
/**
* `([]string: <optional>)` - A list of supported signing
* algorithms.
*
*/
@Import(name="signingAlgs")
private @Nullable Output> signingAlgs;
/**
* @return `([]string: <optional>)` - A list of supported signing
* algorithms.
*
*/
public Optional>> signingAlgs() {
return Optional.ofNullable(this.signingAlgs);
}
private AclAuthMethodConfigArgs() {}
private AclAuthMethodConfigArgs(AclAuthMethodConfigArgs $) {
this.allowedRedirectUris = $.allowedRedirectUris;
this.boundAudiences = $.boundAudiences;
this.boundIssuers = $.boundIssuers;
this.claimMappings = $.claimMappings;
this.clockSkewLeeway = $.clockSkewLeeway;
this.discoveryCaPems = $.discoveryCaPems;
this.expirationLeeway = $.expirationLeeway;
this.jwksCaCert = $.jwksCaCert;
this.jwksUrl = $.jwksUrl;
this.jwtValidationPubKeys = $.jwtValidationPubKeys;
this.listClaimMappings = $.listClaimMappings;
this.notBeforeLeeway = $.notBeforeLeeway;
this.oidcClientId = $.oidcClientId;
this.oidcClientSecret = $.oidcClientSecret;
this.oidcDisableUserinfo = $.oidcDisableUserinfo;
this.oidcDiscoveryUrl = $.oidcDiscoveryUrl;
this.oidcScopes = $.oidcScopes;
this.signingAlgs = $.signingAlgs;
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(AclAuthMethodConfigArgs defaults) {
return new Builder(defaults);
}
public static final class Builder {
private AclAuthMethodConfigArgs $;
public Builder() {
$ = new AclAuthMethodConfigArgs();
}
public Builder(AclAuthMethodConfigArgs defaults) {
$ = new AclAuthMethodConfigArgs(Objects.requireNonNull(defaults));
}
/**
* @param allowedRedirectUris `([]string: <optional>)` - A list of allowed values
* that can be used for the redirect URI.
*
* @return builder
*
*/
public Builder allowedRedirectUris(@Nullable Output> allowedRedirectUris) {
$.allowedRedirectUris = allowedRedirectUris;
return this;
}
/**
* @param allowedRedirectUris `([]string: <optional>)` - A list of allowed values
* that can be used for the redirect URI.
*
* @return builder
*
*/
public Builder allowedRedirectUris(List allowedRedirectUris) {
return allowedRedirectUris(Output.of(allowedRedirectUris));
}
/**
* @param allowedRedirectUris `([]string: <optional>)` - A list of allowed values
* that can be used for the redirect URI.
*
* @return builder
*
*/
public Builder allowedRedirectUris(String... allowedRedirectUris) {
return allowedRedirectUris(List.of(allowedRedirectUris));
}
/**
* @param boundAudiences `([]string: <optional>)` - List of auth claims that are
* valid for login.
*
* @return builder
*
*/
public Builder boundAudiences(@Nullable Output> boundAudiences) {
$.boundAudiences = boundAudiences;
return this;
}
/**
* @param boundAudiences `([]string: <optional>)` - List of auth claims that are
* valid for login.
*
* @return builder
*
*/
public Builder boundAudiences(List boundAudiences) {
return boundAudiences(Output.of(boundAudiences));
}
/**
* @param boundAudiences `([]string: <optional>)` - List of auth claims that are
* valid for login.
*
* @return builder
*
*/
public Builder boundAudiences(String... boundAudiences) {
return boundAudiences(List.of(boundAudiences));
}
/**
* @param boundIssuers `([]string: <optional>)` - The value against which to match
* the iss claim in a JWT.
*
* @return builder
*
*/
public Builder boundIssuers(@Nullable Output> boundIssuers) {
$.boundIssuers = boundIssuers;
return this;
}
/**
* @param boundIssuers `([]string: <optional>)` - The value against which to match
* the iss claim in a JWT.
*
* @return builder
*
*/
public Builder boundIssuers(List boundIssuers) {
return boundIssuers(Output.of(boundIssuers));
}
/**
* @param boundIssuers `([]string: <optional>)` - The value against which to match
* the iss claim in a JWT.
*
* @return builder
*
*/
public Builder boundIssuers(String... boundIssuers) {
return boundIssuers(List.of(boundIssuers));
}
/**
* @param claimMappings Mappings of claims (key) that will be copied to a metadata field (value).
*
* @return builder
*
*/
public Builder claimMappings(@Nullable Output> claimMappings) {
$.claimMappings = claimMappings;
return this;
}
/**
* @param claimMappings Mappings of claims (key) that will be copied to a metadata field (value).
*
* @return builder
*
*/
public Builder claimMappings(Map claimMappings) {
return claimMappings(Output.of(claimMappings));
}
/**
* @param clockSkewLeeway `(string: <optional>)` - Duration of leeway when validating
* all claims in the form of a time duration such as "5m" or "1h".
*
* @return builder
*
*/
public Builder clockSkewLeeway(@Nullable Output clockSkewLeeway) {
$.clockSkewLeeway = clockSkewLeeway;
return this;
}
/**
* @param clockSkewLeeway `(string: <optional>)` - Duration of leeway when validating
* all claims in the form of a time duration such as "5m" or "1h".
*
* @return builder
*
*/
public Builder clockSkewLeeway(String clockSkewLeeway) {
return clockSkewLeeway(Output.of(clockSkewLeeway));
}
/**
* @param discoveryCaPems `([]string: <optional>)` - PEM encoded CA certs for use
* by the TLS client used to talk with the OIDC Discovery URL.
*
* @return builder
*
*/
public Builder discoveryCaPems(@Nullable Output> discoveryCaPems) {
$.discoveryCaPems = discoveryCaPems;
return this;
}
/**
* @param discoveryCaPems `([]string: <optional>)` - PEM encoded CA certs for use
* by the TLS client used to talk with the OIDC Discovery URL.
*
* @return builder
*
*/
public Builder discoveryCaPems(List discoveryCaPems) {
return discoveryCaPems(Output.of(discoveryCaPems));
}
/**
* @param discoveryCaPems `([]string: <optional>)` - PEM encoded CA certs for use
* by the TLS client used to talk with the OIDC Discovery URL.
*
* @return builder
*
*/
public Builder discoveryCaPems(String... discoveryCaPems) {
return discoveryCaPems(List.of(discoveryCaPems));
}
/**
* @param expirationLeeway `(string: <optional>)` - Duration of leeway when validating
* expiration of a JWT in the form of a time duration such as "5m" or "1h".
*
* @return builder
*
*/
public Builder expirationLeeway(@Nullable Output expirationLeeway) {
$.expirationLeeway = expirationLeeway;
return this;
}
/**
* @param expirationLeeway `(string: <optional>)` - Duration of leeway when validating
* expiration of a JWT in the form of a time duration such as "5m" or "1h".
*
* @return builder
*
*/
public Builder expirationLeeway(String expirationLeeway) {
return expirationLeeway(Output.of(expirationLeeway));
}
/**
* @param jwksCaCert `(string: <optional>)` - PEM encoded CA cert for use by the
* TLS client used to talk with the JWKS server.
*
* @return builder
*
*/
public Builder jwksCaCert(@Nullable Output jwksCaCert) {
$.jwksCaCert = jwksCaCert;
return this;
}
/**
* @param jwksCaCert `(string: <optional>)` - PEM encoded CA cert for use by the
* TLS client used to talk with the JWKS server.
*
* @return builder
*
*/
public Builder jwksCaCert(String jwksCaCert) {
return jwksCaCert(Output.of(jwksCaCert));
}
/**
* @param jwksUrl `(string: <optional>)` - JSON Web Key Sets url for authenticating
* signatures.
*
* @return builder
*
*/
public Builder jwksUrl(@Nullable Output jwksUrl) {
$.jwksUrl = jwksUrl;
return this;
}
/**
* @param jwksUrl `(string: <optional>)` - JSON Web Key Sets url for authenticating
* signatures.
*
* @return builder
*
*/
public Builder jwksUrl(String jwksUrl) {
return jwksUrl(Output.of(jwksUrl));
}
/**
* @param jwtValidationPubKeys `([]string: <optional>)` - List of PEM-encoded
* public keys to use to authenticate signatures locally.
*
* @return builder
*
*/
public Builder jwtValidationPubKeys(@Nullable Output> jwtValidationPubKeys) {
$.jwtValidationPubKeys = jwtValidationPubKeys;
return this;
}
/**
* @param jwtValidationPubKeys `([]string: <optional>)` - List of PEM-encoded
* public keys to use to authenticate signatures locally.
*
* @return builder
*
*/
public Builder jwtValidationPubKeys(List jwtValidationPubKeys) {
return jwtValidationPubKeys(Output.of(jwtValidationPubKeys));
}
/**
* @param jwtValidationPubKeys `([]string: <optional>)` - List of PEM-encoded
* public keys to use to authenticate signatures locally.
*
* @return builder
*
*/
public Builder jwtValidationPubKeys(String... jwtValidationPubKeys) {
return jwtValidationPubKeys(List.of(jwtValidationPubKeys));
}
/**
* @param listClaimMappings Mappings of list claims (key) that will be copied to a metadata field (value).
*
* @return builder
*
*/
public Builder listClaimMappings(@Nullable Output> listClaimMappings) {
$.listClaimMappings = listClaimMappings;
return this;
}
/**
* @param listClaimMappings Mappings of list claims (key) that will be copied to a metadata field (value).
*
* @return builder
*
*/
public Builder listClaimMappings(Map listClaimMappings) {
return listClaimMappings(Output.of(listClaimMappings));
}
/**
* @param notBeforeLeeway `(string: <optional>)` - Duration of leeway when validating
* not before values of a token in the form of a time duration such as "5m" or "1h".
*
* @return builder
*
*/
public Builder notBeforeLeeway(@Nullable Output notBeforeLeeway) {
$.notBeforeLeeway = notBeforeLeeway;
return this;
}
/**
* @param notBeforeLeeway `(string: <optional>)` - Duration of leeway when validating
* not before values of a token in the form of a time duration such as "5m" or "1h".
*
* @return builder
*
*/
public Builder notBeforeLeeway(String notBeforeLeeway) {
return notBeforeLeeway(Output.of(notBeforeLeeway));
}
/**
* @param oidcClientId `(string: <optional>)` - The OAuth Client ID configured
* with the OIDC provider.
*
* @return builder
*
*/
public Builder oidcClientId(@Nullable Output oidcClientId) {
$.oidcClientId = oidcClientId;
return this;
}
/**
* @param oidcClientId `(string: <optional>)` - The OAuth Client ID configured
* with the OIDC provider.
*
* @return builder
*
*/
public Builder oidcClientId(String oidcClientId) {
return oidcClientId(Output.of(oidcClientId));
}
/**
* @param oidcClientSecret `(string: <optional>)` - The OAuth Client Secret
* configured with the OIDC provider.
*
* @return builder
*
*/
public Builder oidcClientSecret(@Nullable Output oidcClientSecret) {
$.oidcClientSecret = oidcClientSecret;
return this;
}
/**
* @param oidcClientSecret `(string: <optional>)` - The OAuth Client Secret
* configured with the OIDC provider.
*
* @return builder
*
*/
public Builder oidcClientSecret(String oidcClientSecret) {
return oidcClientSecret(Output.of(oidcClientSecret));
}
/**
* @param oidcDisableUserinfo `(bool: false)` - When set to `true`, Nomad will
* not make a request to the identity provider to get OIDC `UserInfo`.
* You may wish to set this if your identity provider doesn't send any
* additional claims from the `UserInfo` endpoint.
*
* @return builder
*
*/
public Builder oidcDisableUserinfo(@Nullable Output oidcDisableUserinfo) {
$.oidcDisableUserinfo = oidcDisableUserinfo;
return this;
}
/**
* @param oidcDisableUserinfo `(bool: false)` - When set to `true`, Nomad will
* not make a request to the identity provider to get OIDC `UserInfo`.
* You may wish to set this if your identity provider doesn't send any
* additional claims from the `UserInfo` endpoint.
*
* @return builder
*
*/
public Builder oidcDisableUserinfo(Boolean oidcDisableUserinfo) {
return oidcDisableUserinfo(Output.of(oidcDisableUserinfo));
}
/**
* @param oidcDiscoveryUrl `(string: <optional>)` - The OIDC Discovery URL,
* without any .well-known component (base path).
*
* @return builder
*
*/
public Builder oidcDiscoveryUrl(@Nullable Output oidcDiscoveryUrl) {
$.oidcDiscoveryUrl = oidcDiscoveryUrl;
return this;
}
/**
* @param oidcDiscoveryUrl `(string: <optional>)` - The OIDC Discovery URL,
* without any .well-known component (base path).
*
* @return builder
*
*/
public Builder oidcDiscoveryUrl(String oidcDiscoveryUrl) {
return oidcDiscoveryUrl(Output.of(oidcDiscoveryUrl));
}
/**
* @param oidcScopes `([]string: <optional>)` - List of OIDC scopes.
*
* @return builder
*
*/
public Builder oidcScopes(@Nullable Output> oidcScopes) {
$.oidcScopes = oidcScopes;
return this;
}
/**
* @param oidcScopes `([]string: <optional>)` - List of OIDC scopes.
*
* @return builder
*
*/
public Builder oidcScopes(List oidcScopes) {
return oidcScopes(Output.of(oidcScopes));
}
/**
* @param oidcScopes `([]string: <optional>)` - List of OIDC scopes.
*
* @return builder
*
*/
public Builder oidcScopes(String... oidcScopes) {
return oidcScopes(List.of(oidcScopes));
}
/**
* @param signingAlgs `([]string: <optional>)` - A list of supported signing
* algorithms.
*
* @return builder
*
*/
public Builder signingAlgs(@Nullable Output> signingAlgs) {
$.signingAlgs = signingAlgs;
return this;
}
/**
* @param signingAlgs `([]string: <optional>)` - A list of supported signing
* algorithms.
*
* @return builder
*
*/
public Builder signingAlgs(List signingAlgs) {
return signingAlgs(Output.of(signingAlgs));
}
/**
* @param signingAlgs `([]string: <optional>)` - A list of supported signing
* algorithms.
*
* @return builder
*
*/
public Builder signingAlgs(String... signingAlgs) {
return signingAlgs(List.of(signingAlgs));
}
public AclAuthMethodConfigArgs build() {
return $;
}
}
}