1. Packages
  2. Artifactory Provider
  3. API Docs
  4. LdapSetting
artifactory v8.4.0 published on Tuesday, Nov 19, 2024 by Pulumi

artifactory.LdapSetting

Explore with Pulumi AI

artifactory logo
artifactory v8.4.0 published on Tuesday, Nov 19, 2024 by Pulumi

    This resource can be used to manage Artifactory’s LDAP settings for user authentication.

    When specified LDAP setting is active, Artifactory first attempts to authenticate the user against the LDAP server. If LDAP authentication fails, it then tries to authenticate via its internal database.

    ~>The artifactory.LdapSetting resource utilizes endpoints which are blocked/removed in SaaS environments (i.e. in Artifactory online), rendering this resource incompatible with Artifactory SaaS environments.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as artifactory from "@pulumi/artifactory";
    
    // Configure Artifactory LDAP setting
    const ldapName = new artifactory.LdapSetting("ldap_name", {
        key: "ldap_name",
        enabled: true,
        ldapUrl: "ldap://ldap_server_url",
        userDnPattern: "uid={0},ou=People",
        emailAttribute: "mail",
        autoCreateUser: true,
        ldapPoisoningProtection: true,
        allowUserToAccessProfile: false,
        pagingSupportEnabled: false,
        searchFilter: "(uid={0})",
        searchBase: "ou=users",
        searchSubTree: true,
        managerDn: "mgr_dn",
        managerPassword: "mgr_passwd_random",
    });
    
    import pulumi
    import pulumi_artifactory as artifactory
    
    # Configure Artifactory LDAP setting
    ldap_name = artifactory.LdapSetting("ldap_name",
        key="ldap_name",
        enabled=True,
        ldap_url="ldap://ldap_server_url",
        user_dn_pattern="uid={0},ou=People",
        email_attribute="mail",
        auto_create_user=True,
        ldap_poisoning_protection=True,
        allow_user_to_access_profile=False,
        paging_support_enabled=False,
        search_filter="(uid={0})",
        search_base="ou=users",
        search_sub_tree=True,
        manager_dn="mgr_dn",
        manager_password="mgr_passwd_random")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-artifactory/sdk/v8/go/artifactory"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Configure Artifactory LDAP setting
    		_, err := artifactory.NewLdapSetting(ctx, "ldap_name", &artifactory.LdapSettingArgs{
    			Key:                      pulumi.String("ldap_name"),
    			Enabled:                  pulumi.Bool(true),
    			LdapUrl:                  pulumi.String("ldap://ldap_server_url"),
    			UserDnPattern:            pulumi.String("uid={0},ou=People"),
    			EmailAttribute:           pulumi.String("mail"),
    			AutoCreateUser:           pulumi.Bool(true),
    			LdapPoisoningProtection:  pulumi.Bool(true),
    			AllowUserToAccessProfile: pulumi.Bool(false),
    			PagingSupportEnabled:     pulumi.Bool(false),
    			SearchFilter:             pulumi.String("(uid={0})"),
    			SearchBase:               pulumi.String("ou=users"),
    			SearchSubTree:            pulumi.Bool(true),
    			ManagerDn:                pulumi.String("mgr_dn"),
    			ManagerPassword:          pulumi.String("mgr_passwd_random"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Artifactory = Pulumi.Artifactory;
    
    return await Deployment.RunAsync(() => 
    {
        // Configure Artifactory LDAP setting
        var ldapName = new Artifactory.LdapSetting("ldap_name", new()
        {
            Key = "ldap_name",
            Enabled = true,
            LdapUrl = "ldap://ldap_server_url",
            UserDnPattern = "uid={0},ou=People",
            EmailAttribute = "mail",
            AutoCreateUser = true,
            LdapPoisoningProtection = true,
            AllowUserToAccessProfile = false,
            PagingSupportEnabled = false,
            SearchFilter = "(uid={0})",
            SearchBase = "ou=users",
            SearchSubTree = true,
            ManagerDn = "mgr_dn",
            ManagerPassword = "mgr_passwd_random",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.artifactory.LdapSetting;
    import com.pulumi.artifactory.LdapSettingArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // Configure Artifactory LDAP setting
            var ldapName = new LdapSetting("ldapName", LdapSettingArgs.builder()
                .key("ldap_name")
                .enabled(true)
                .ldapUrl("ldap://ldap_server_url")
                .userDnPattern("uid={0},ou=People")
                .emailAttribute("mail")
                .autoCreateUser(true)
                .ldapPoisoningProtection(true)
                .allowUserToAccessProfile(false)
                .pagingSupportEnabled(false)
                .searchFilter("(uid={0})")
                .searchBase("ou=users")
                .searchSubTree(true)
                .managerDn("mgr_dn")
                .managerPassword("mgr_passwd_random")
                .build());
    
        }
    }
    
    resources:
      # Configure Artifactory LDAP setting
      ldapName:
        type: artifactory:LdapSetting
        name: ldap_name
        properties:
          key: ldap_name
          enabled: true
          ldapUrl: ldap://ldap_server_url
          userDnPattern: uid={0},ou=People
          emailAttribute: mail
          autoCreateUser: true
          ldapPoisoningProtection: true
          allowUserToAccessProfile: false
          pagingSupportEnabled: false
          searchFilter: (uid={0})
          searchBase: ou=users
          searchSubTree: true
          managerDn: mgr_dn
          managerPassword: mgr_passwd_random
    

    Note: Key argument has to match to the resource name.
    Reference Link: JFrog LDAP

    Create LdapSetting Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new LdapSetting(name: string, args: LdapSettingArgs, opts?: CustomResourceOptions);
    @overload
    def LdapSetting(resource_name: str,
                    args: LdapSettingArgs,
                    opts: Optional[ResourceOptions] = None)
    
    @overload
    def LdapSetting(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    key: Optional[str] = None,
                    ldap_url: Optional[str] = None,
                    enabled: Optional[bool] = None,
                    allow_user_to_access_profile: Optional[bool] = None,
                    email_attribute: Optional[str] = None,
                    ldap_poisoning_protection: Optional[bool] = None,
                    auto_create_user: Optional[bool] = None,
                    manager_dn: Optional[str] = None,
                    manager_password: Optional[str] = None,
                    paging_support_enabled: Optional[bool] = None,
                    search_base: Optional[str] = None,
                    search_filter: Optional[str] = None,
                    search_sub_tree: Optional[bool] = None,
                    user_dn_pattern: Optional[str] = None)
    func NewLdapSetting(ctx *Context, name string, args LdapSettingArgs, opts ...ResourceOption) (*LdapSetting, error)
    public LdapSetting(string name, LdapSettingArgs args, CustomResourceOptions? opts = null)
    public LdapSetting(String name, LdapSettingArgs args)
    public LdapSetting(String name, LdapSettingArgs args, CustomResourceOptions options)
    
    type: artifactory:LdapSetting
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args LdapSettingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args LdapSettingArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args LdapSettingArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args LdapSettingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args LdapSettingArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var ldapSettingResource = new Artifactory.LdapSetting("ldapSettingResource", new()
    {
        Key = "string",
        LdapUrl = "string",
        Enabled = false,
        AllowUserToAccessProfile = false,
        EmailAttribute = "string",
        LdapPoisoningProtection = false,
        AutoCreateUser = false,
        ManagerDn = "string",
        ManagerPassword = "string",
        PagingSupportEnabled = false,
        SearchBase = "string",
        SearchFilter = "string",
        SearchSubTree = false,
        UserDnPattern = "string",
    });
    
    example, err := artifactory.NewLdapSetting(ctx, "ldapSettingResource", &artifactory.LdapSettingArgs{
    	Key:                      pulumi.String("string"),
    	LdapUrl:                  pulumi.String("string"),
    	Enabled:                  pulumi.Bool(false),
    	AllowUserToAccessProfile: pulumi.Bool(false),
    	EmailAttribute:           pulumi.String("string"),
    	LdapPoisoningProtection:  pulumi.Bool(false),
    	AutoCreateUser:           pulumi.Bool(false),
    	ManagerDn:                pulumi.String("string"),
    	ManagerPassword:          pulumi.String("string"),
    	PagingSupportEnabled:     pulumi.Bool(false),
    	SearchBase:               pulumi.String("string"),
    	SearchFilter:             pulumi.String("string"),
    	SearchSubTree:            pulumi.Bool(false),
    	UserDnPattern:            pulumi.String("string"),
    })
    
    var ldapSettingResource = new LdapSetting("ldapSettingResource", LdapSettingArgs.builder()
        .key("string")
        .ldapUrl("string")
        .enabled(false)
        .allowUserToAccessProfile(false)
        .emailAttribute("string")
        .ldapPoisoningProtection(false)
        .autoCreateUser(false)
        .managerDn("string")
        .managerPassword("string")
        .pagingSupportEnabled(false)
        .searchBase("string")
        .searchFilter("string")
        .searchSubTree(false)
        .userDnPattern("string")
        .build());
    
    ldap_setting_resource = artifactory.LdapSetting("ldapSettingResource",
        key="string",
        ldap_url="string",
        enabled=False,
        allow_user_to_access_profile=False,
        email_attribute="string",
        ldap_poisoning_protection=False,
        auto_create_user=False,
        manager_dn="string",
        manager_password="string",
        paging_support_enabled=False,
        search_base="string",
        search_filter="string",
        search_sub_tree=False,
        user_dn_pattern="string")
    
    const ldapSettingResource = new artifactory.LdapSetting("ldapSettingResource", {
        key: "string",
        ldapUrl: "string",
        enabled: false,
        allowUserToAccessProfile: false,
        emailAttribute: "string",
        ldapPoisoningProtection: false,
        autoCreateUser: false,
        managerDn: "string",
        managerPassword: "string",
        pagingSupportEnabled: false,
        searchBase: "string",
        searchFilter: "string",
        searchSubTree: false,
        userDnPattern: "string",
    });
    
    type: artifactory:LdapSetting
    properties:
        allowUserToAccessProfile: false
        autoCreateUser: false
        emailAttribute: string
        enabled: false
        key: string
        ldapPoisoningProtection: false
        ldapUrl: string
        managerDn: string
        managerPassword: string
        pagingSupportEnabled: false
        searchBase: string
        searchFilter: string
        searchSubTree: false
        userDnPattern: string
    

    LdapSetting Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The LdapSetting resource accepts the following input properties:

    Key string
    The unique ID of the LDAP setting.
    LdapUrl string
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    AllowUserToAccessProfile bool
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    AutoCreateUser bool
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    EmailAttribute string
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    Enabled bool
    When set, these settings are enabled. Default value is true.
    LdapPoisoningProtection bool
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    ManagerDn string
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    ManagerPassword string
    The password of the user binding to the LDAP server when using "search" authentication.
    PagingSupportEnabled bool
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    SearchBase string
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    SearchFilter string
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    SearchSubTree bool
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    UserDnPattern string
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    Key string
    The unique ID of the LDAP setting.
    LdapUrl string
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    AllowUserToAccessProfile bool
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    AutoCreateUser bool
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    EmailAttribute string
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    Enabled bool
    When set, these settings are enabled. Default value is true.
    LdapPoisoningProtection bool
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    ManagerDn string
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    ManagerPassword string
    The password of the user binding to the LDAP server when using "search" authentication.
    PagingSupportEnabled bool
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    SearchBase string
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    SearchFilter string
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    SearchSubTree bool
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    UserDnPattern string
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    key String
    The unique ID of the LDAP setting.
    ldapUrl String
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    allowUserToAccessProfile Boolean
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    autoCreateUser Boolean
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    emailAttribute String
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled Boolean
    When set, these settings are enabled. Default value is true.
    ldapPoisoningProtection Boolean
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    managerDn String
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    managerPassword String
    The password of the user binding to the LDAP server when using "search" authentication.
    pagingSupportEnabled Boolean
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    searchBase String
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    searchFilter String
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    searchSubTree Boolean
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    userDnPattern String
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    key string
    The unique ID of the LDAP setting.
    ldapUrl string
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    allowUserToAccessProfile boolean
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    autoCreateUser boolean
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    emailAttribute string
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled boolean
    When set, these settings are enabled. Default value is true.
    ldapPoisoningProtection boolean
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    managerDn string
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    managerPassword string
    The password of the user binding to the LDAP server when using "search" authentication.
    pagingSupportEnabled boolean
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    searchBase string
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    searchFilter string
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    searchSubTree boolean
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    userDnPattern string
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    key str
    The unique ID of the LDAP setting.
    ldap_url str
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    allow_user_to_access_profile bool
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    auto_create_user bool
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    email_attribute str
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled bool
    When set, these settings are enabled. Default value is true.
    ldap_poisoning_protection bool
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    manager_dn str
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    manager_password str
    The password of the user binding to the LDAP server when using "search" authentication.
    paging_support_enabled bool
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    search_base str
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    search_filter str
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    search_sub_tree bool
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    user_dn_pattern str
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    key String
    The unique ID of the LDAP setting.
    ldapUrl String
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    allowUserToAccessProfile Boolean
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    autoCreateUser Boolean
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    emailAttribute String
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled Boolean
    When set, these settings are enabled. Default value is true.
    ldapPoisoningProtection Boolean
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    managerDn String
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    managerPassword String
    The password of the user binding to the LDAP server when using "search" authentication.
    pagingSupportEnabled Boolean
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    searchBase String
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    searchFilter String
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    searchSubTree Boolean
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    userDnPattern String
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).

    Outputs

    All input properties are implicitly available as output properties. Additionally, the LdapSetting resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing LdapSetting Resource

    Get an existing LdapSetting resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: LdapSettingState, opts?: CustomResourceOptions): LdapSetting
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            allow_user_to_access_profile: Optional[bool] = None,
            auto_create_user: Optional[bool] = None,
            email_attribute: Optional[str] = None,
            enabled: Optional[bool] = None,
            key: Optional[str] = None,
            ldap_poisoning_protection: Optional[bool] = None,
            ldap_url: Optional[str] = None,
            manager_dn: Optional[str] = None,
            manager_password: Optional[str] = None,
            paging_support_enabled: Optional[bool] = None,
            search_base: Optional[str] = None,
            search_filter: Optional[str] = None,
            search_sub_tree: Optional[bool] = None,
            user_dn_pattern: Optional[str] = None) -> LdapSetting
    func GetLdapSetting(ctx *Context, name string, id IDInput, state *LdapSettingState, opts ...ResourceOption) (*LdapSetting, error)
    public static LdapSetting Get(string name, Input<string> id, LdapSettingState? state, CustomResourceOptions? opts = null)
    public static LdapSetting get(String name, Output<String> id, LdapSettingState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AllowUserToAccessProfile bool
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    AutoCreateUser bool
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    EmailAttribute string
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    Enabled bool
    When set, these settings are enabled. Default value is true.
    Key string
    The unique ID of the LDAP setting.
    LdapPoisoningProtection bool
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    LdapUrl string
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    ManagerDn string
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    ManagerPassword string
    The password of the user binding to the LDAP server when using "search" authentication.
    PagingSupportEnabled bool
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    SearchBase string
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    SearchFilter string
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    SearchSubTree bool
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    UserDnPattern string
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    AllowUserToAccessProfile bool
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    AutoCreateUser bool
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    EmailAttribute string
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    Enabled bool
    When set, these settings are enabled. Default value is true.
    Key string
    The unique ID of the LDAP setting.
    LdapPoisoningProtection bool
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    LdapUrl string
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    ManagerDn string
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    ManagerPassword string
    The password of the user binding to the LDAP server when using "search" authentication.
    PagingSupportEnabled bool
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    SearchBase string
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    SearchFilter string
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    SearchSubTree bool
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    UserDnPattern string
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    allowUserToAccessProfile Boolean
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    autoCreateUser Boolean
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    emailAttribute String
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled Boolean
    When set, these settings are enabled. Default value is true.
    key String
    The unique ID of the LDAP setting.
    ldapPoisoningProtection Boolean
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    ldapUrl String
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    managerDn String
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    managerPassword String
    The password of the user binding to the LDAP server when using "search" authentication.
    pagingSupportEnabled Boolean
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    searchBase String
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    searchFilter String
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    searchSubTree Boolean
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    userDnPattern String
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    allowUserToAccessProfile boolean
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    autoCreateUser boolean
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    emailAttribute string
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled boolean
    When set, these settings are enabled. Default value is true.
    key string
    The unique ID of the LDAP setting.
    ldapPoisoningProtection boolean
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    ldapUrl string
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    managerDn string
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    managerPassword string
    The password of the user binding to the LDAP server when using "search" authentication.
    pagingSupportEnabled boolean
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    searchBase string
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    searchFilter string
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    searchSubTree boolean
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    userDnPattern string
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    allow_user_to_access_profile bool
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    auto_create_user bool
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    email_attribute str
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled bool
    When set, these settings are enabled. Default value is true.
    key str
    The unique ID of the LDAP setting.
    ldap_poisoning_protection bool
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    ldap_url str
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    manager_dn str
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    manager_password str
    The password of the user binding to the LDAP server when using "search" authentication.
    paging_support_enabled bool
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    search_base str
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    search_filter str
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    search_sub_tree bool
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    user_dn_pattern str
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).
    allowUserToAccessProfile Boolean
    When set, users created after logging in using LDAP will be able to access their profile page. Default value is false.
    autoCreateUser Boolean
    When set, the system will automatically create new users for those who have logged in using LDAP, and assign them to the default groups. Default value is true.
    emailAttribute String
    An attribute that can be used to map a user's email address to a user created automatically in Artifactory. Default value is mail.

    • Note: If blank/empty string input was set for email_attribute, Default value mail takes effect. This is to match with Artifactory behavior.
    enabled Boolean
    When set, these settings are enabled. Default value is true.
    key String
    The unique ID of the LDAP setting.
    ldapPoisoningProtection Boolean
    Protects against LDAP poisoning by filtering out users exposed to vulnerabilities. Default value is true.
    ldapUrl String
    Location of the LDAP server in the following format: ldap://myserver:myport/dc=sampledomain,dc=com. The URL should include the base DN used to search for and/or authenticate users.
    managerDn String
    The full DN of a user with permissions that allow querying the LDAP server. When working with LDAP Groups, the user should have permissions for any extra group attributes such as memberOf.
    managerPassword String
    The password of the user binding to the LDAP server when using "search" authentication.
    pagingSupportEnabled Boolean
    When set, supports paging results for the LDAP server. This feature requires that the LDAP Server supports a PagedResultsControl configuration. Default value is true.
    searchBase String
    The Context name in which to search relative to the base DN in the LDAP URL. Multiple search bases may be specified separated by a pipe ( | ).
    searchFilter String
    A filter expression used to search for the user DN that is used in LDAP authentication. This is an LDAP search filter (as defined in 'RFC 2254') with optional arguments. In this case, the username is the only argument, denoted by '{0}'. Possible examples are: uid={0}) - this would search for a username match on the uid attribute. Authentication using LDAP is performed from the DN found if successful. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both)
    searchSubTree Boolean
    When set, enables deep search through the sub-tree of the LDAP URL + Search Base. Default value is true.
    userDnPattern String
    A DN pattern used to log users directly in to the LDAP database. This pattern is used to create a DN string for "direct" user authentication, and is relative to the base DN in the LDAP URL. The pattern argument {0} is replaced with the username at runtime. This only works if anonymous binding is allowed and a direct user DN can be used (which is not the default case for Active Directory). For example: uid={0},ou=People. Default value is blank/empty.

    • Note: LDAP settings should provide a userDnPattern or a searchFilter (or both).

    Import

    LDAP setting can be imported using the key, e.g.

    $ pulumi import artifactory:index/ldapSetting:LdapSetting ldap_name ldap_name
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    artifactory pulumi/pulumi-artifactory
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the artifactory Terraform Provider.
    artifactory logo
    artifactory v8.4.0 published on Tuesday, Nov 19, 2024 by Pulumi