com.pulumi.vault.ldap.kotlin.AuthBackend.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.ldap.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
/**
* Builder for [AuthBackend].
*/
@PulumiTagMarker
public class AuthBackendResourceBuilder internal constructor() {
public var name: String? = null
public var args: AuthBackendArgs = AuthBackendArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend AuthBackendArgsBuilder.() -> Unit) {
val builder = AuthBackendArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): AuthBackend {
val builtJavaResource = com.pulumi.vault.ldap.AuthBackend(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return AuthBackend(builtJavaResource)
}
}
/**
* Provides a resource for managing an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html).
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const ldap = new vault.ldap.AuthBackend("ldap", {
* path: "ldap",
* url: "ldaps://dc-01.example.org",
* userdn: "OU=Users,OU=Accounts,DC=example,DC=org",
* userattr: "sAMAccountName",
* upndomain: "EXAMPLE.ORG",
* discoverdn: false,
* groupdn: "OU=Groups,DC=example,DC=org",
* groupfilter: "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))",
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* ldap = vault.ldap.AuthBackend("ldap",
* path="ldap",
* url="ldaps://dc-01.example.org",
* userdn="OU=Users,OU=Accounts,DC=example,DC=org",
* userattr="sAMAccountName",
* upndomain="EXAMPLE.ORG",
* discoverdn=False,
* groupdn="OU=Groups,DC=example,DC=org",
* groupfilter="(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var ldap = new Vault.Ldap.AuthBackend("ldap", new()
* {
* Path = "ldap",
* Url = "ldaps://dc-01.example.org",
* Userdn = "OU=Users,OU=Accounts,DC=example,DC=org",
* Userattr = "sAMAccountName",
* Upndomain = "EXAMPLE.ORG",
* Discoverdn = false,
* Groupdn = "OU=Groups,DC=example,DC=org",
* Groupfilter = "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/ldap"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := ldap.NewAuthBackend(ctx, "ldap", &ldap.AuthBackendArgs{
* Path: pulumi.String("ldap"),
* Url: pulumi.String("ldaps://dc-01.example.org"),
* Userdn: pulumi.String("OU=Users,OU=Accounts,DC=example,DC=org"),
* Userattr: pulumi.String("sAMAccountName"),
* Upndomain: pulumi.String("EXAMPLE.ORG"),
* Discoverdn: pulumi.Bool(false),
* Groupdn: pulumi.String("OU=Groups,DC=example,DC=org"),
* Groupfilter: pulumi.String("(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.ldap.AuthBackend;
* import com.pulumi.vault.ldap.AuthBackendArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var ldap = new AuthBackend("ldap", AuthBackendArgs.builder()
* .path("ldap")
* .url("ldaps://dc-01.example.org")
* .userdn("OU=Users,OU=Accounts,DC=example,DC=org")
* .userattr("sAMAccountName")
* .upndomain("EXAMPLE.ORG")
* .discoverdn(false)
* .groupdn("OU=Groups,DC=example,DC=org")
* .groupfilter("(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* ldap:
* type: vault:ldap:AuthBackend
* properties:
* path: ldap
* url: ldaps://dc-01.example.org
* userdn: OU=Users,OU=Accounts,DC=example,DC=org
* userattr: sAMAccountName
* upndomain: EXAMPLE.ORG
* discoverdn: false
* groupdn: OU=Groups,DC=example,DC=org
* groupfilter: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))
* ```
*
* ## Import
* LDAP authentication backends can be imported using the `path`, e.g.
* ```sh
* $ pulumi import vault:ldap/authBackend:AuthBackend ldap ldap
* ```
*/
public class AuthBackend internal constructor(
override val javaResource: com.pulumi.vault.ldap.AuthBackend,
) : KotlinCustomResource(javaResource, AuthBackendMapper) {
/**
* The accessor for this auth mount.
*/
public val accessor: Output
get() = javaResource.accessor().applyValue({ args0 -> args0 })
/**
* DN of object to bind when performing user search
*/
public val binddn: Output
get() = javaResource.binddn().applyValue({ args0 -> args0 })
/**
* Password to use with `binddn` when performing user search
*/
public val bindpass: Output
get() = javaResource.bindpass().applyValue({ args0 -> args0 })
/**
* Control case senstivity of objects fetched from LDAP, this is used for object matching in vault
*/
public val caseSensitiveNames: Output
get() = javaResource.caseSensitiveNames().applyValue({ args0 -> args0 })
/**
* Trusted CA to validate TLS certificate
*/
public val certificate: Output
get() = javaResource.certificate().applyValue({ args0 -> args0 })
public val clientTlsCert: Output
get() = javaResource.clientTlsCert().applyValue({ args0 -> args0 })
public val clientTlsKey: Output
get() = javaResource.clientTlsKey().applyValue({ args0 -> args0 })
/**
* Prevents users from bypassing authentication when providing an empty password.
*/
public val denyNullBind: Output
get() = javaResource.denyNullBind().applyValue({ args0 -> args0 })
/**
* Description for the LDAP auth backend mount
*/
public val description: Output
get() = javaResource.description().applyValue({ args0 -> args0 })
/**
* If set, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*/
public val disableRemount: Output?
get() = javaResource.disableRemount().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Use anonymous bind to discover the bind DN of a user.
*/
public val discoverdn: Output
get() = javaResource.discoverdn().applyValue({ args0 -> args0 })
/**
* LDAP attribute to follow on objects returned by groupfilter
*/
public val groupattr: Output
get() = javaResource.groupattr().applyValue({ args0 -> args0 })
/**
* Base DN under which to perform group search
*/
public val groupdn: Output
get() = javaResource.groupdn().applyValue({ args0 -> args0 })
/**
* Go template used to construct group membership query
*/
public val groupfilter: Output
get() = javaResource.groupfilter().applyValue({ args0 -> args0 })
/**
* Control whether or TLS certificates must be validated
*/
public val insecureTls: Output
get() = javaResource.insecureTls().applyValue({ args0 -> args0 })
/**
* Specifies if the auth method is local only.
*/
public val local: Output?
get() = javaResource.local().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Sets the max page size for LDAP lookups, by default it's set to -1.
* *Available only for Vault 1.11.11+, 1.12.7+, and 1.13.3+*.
*/
public val maxPageSize: Output?
get() = javaResource.maxPageSize().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
public val namespace: Output?
get() = javaResource.namespace().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Path to mount the LDAP auth backend under
*/
public val path: Output?
get() = javaResource.path().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Control use of TLS when conecting to LDAP
*/
public val starttls: Output
get() = javaResource.starttls().applyValue({ args0 -> args0 })
/**
* Maximum acceptable version of TLS
*/
public val tlsMaxVersion: Output
get() = javaResource.tlsMaxVersion().applyValue({ args0 -> args0 })
/**
* Minimum acceptable version of TLS
*/
public val tlsMinVersion: Output
get() = javaResource.tlsMinVersion().applyValue({ args0 -> args0 })
/**
* Specifies the blocks of IP addresses which are allowed to use the generated token
*/
public val tokenBoundCidrs: Output>?
get() = javaResource.tokenBoundCidrs().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* Generated Token's Explicit Maximum TTL in seconds
*/
public val tokenExplicitMaxTtl: Output?
get() = javaResource.tokenExplicitMaxTtl().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The maximum lifetime of the generated token
*/
public val tokenMaxTtl: Output?
get() = javaResource.tokenMaxTtl().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* If true, the 'default' policy will not automatically be added to generated tokens
*/
public val tokenNoDefaultPolicy: Output?
get() = javaResource.tokenNoDefaultPolicy().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The maximum number of times a token may be used, a value of zero means unlimited
*/
public val tokenNumUses: Output?
get() = javaResource.tokenNumUses().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Generated Token's Period
*/
public val tokenPeriod: Output?
get() = javaResource.tokenPeriod().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Generated Token's Policies
*/
public val tokenPolicies: Output>?
get() = javaResource.tokenPolicies().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* The initial ttl of the token to generate in seconds
*/
public val tokenTtl: Output?
get() = javaResource.tokenTtl().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The type of token to generate, service or batch
*/
public val tokenType: Output?
get() = javaResource.tokenType().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* The `userPrincipalDomain` used to construct the UPN string for the authenticating user.
*/
public val upndomain: Output
get() = javaResource.upndomain().applyValue({ args0 -> args0 })
/**
* The URL of the LDAP server
*/
public val url: Output
get() = javaResource.url().applyValue({ args0 -> args0 })
/**
* Use the Active Directory tokenGroups constructed attribute of the user to find the group memberships
*/
public val useTokenGroups: Output
get() = javaResource.useTokenGroups().applyValue({ args0 -> args0 })
/**
* Attribute on user object matching username passed in
*/
public val userattr: Output
get() = javaResource.userattr().applyValue({ args0 -> args0 })
/**
* Base DN under which to perform user search
*/
public val userdn: Output
get() = javaResource.userdn().applyValue({ args0 -> args0 })
/**
* LDAP user search filter
*/
public val userfilter: Output
get() = javaResource.userfilter().applyValue({ args0 -> args0 })
/**
* Force the auth method to use the username passed by the user as the alias name.
*/
public val usernameAsAlias: Output
get() = javaResource.usernameAsAlias().applyValue({ args0 -> args0 })
}
public object AuthBackendMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.vault.ldap.AuthBackend::class == javaResource::class
override fun map(javaResource: Resource): AuthBackend = AuthBackend(
javaResource as
com.pulumi.vault.ldap.AuthBackend,
)
}
/**
* @see [AuthBackend].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [AuthBackend].
*/
public suspend fun authBackend(name: String, block: suspend AuthBackendResourceBuilder.() -> Unit): AuthBackend {
val builder = AuthBackendResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [AuthBackend].
* @param name The _unique_ name of the resulting resource.
*/
public fun authBackend(name: String): AuthBackend {
val builder = AuthBackendResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy