Docs Home
artifactory v8.4.0 published on Tuesday, Nov 19, 2024 by Pulumi
artifactory.OauthSettings
Explore with Pulumi AI
This resource can be used to manage Artifactory’s OAuth SSO settings.
Only a single artifactory.OauthSettings resource is meant to be defined.
~>The artifactory.OauthSettings resource utilizes endpoints which are blocked/removed in SaaS environments (i.e. in Artifactory online), rendering this resource incompatible with Artifactory SaaS environments.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as artifactory from "@pulumi/artifactory";
// Configure Artifactory OAuth SSO settings
const oauth = new artifactory.OauthSettings("oauth", {
enable: true,
persistUsers: true,
allowUserToAccessProfile: true,
oauthProviders: [{
name: "okta",
enabled: false,
type: "openId",
clientId: "foo",
clientSecret: "bar",
apiUrl: "https://organization.okta.com/oauth2/v1/userinfo",
authUrl: "https://organization.okta.com/oauth2/v1/authorize",
tokenUrl: "https://organization.okta.com/oauth2/v1/token",
}],
});
import pulumi
import pulumi_artifactory as artifactory
# Configure Artifactory OAuth SSO settings
oauth = artifactory.OauthSettings("oauth",
enable=True,
persist_users=True,
allow_user_to_access_profile=True,
oauth_providers=[{
"name": "okta",
"enabled": False,
"type": "openId",
"client_id": "foo",
"client_secret": "bar",
"api_url": "https://organization.okta.com/oauth2/v1/userinfo",
"auth_url": "https://organization.okta.com/oauth2/v1/authorize",
"token_url": "https://organization.okta.com/oauth2/v1/token",
}])
package main
import (
"github.com/pulumi/pulumi-artifactory/sdk/v8/go/artifactory"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Configure Artifactory OAuth SSO settings
_, err := artifactory.NewOauthSettings(ctx, "oauth", &artifactory.OauthSettingsArgs{
Enable: pulumi.Bool(true),
PersistUsers: pulumi.Bool(true),
AllowUserToAccessProfile: pulumi.Bool(true),
OauthProviders: artifactory.OauthSettingsOauthProviderArray{
&artifactory.OauthSettingsOauthProviderArgs{
Name: pulumi.String("okta"),
Enabled: pulumi.Bool(false),
Type: pulumi.String("openId"),
ClientId: pulumi.String("foo"),
ClientSecret: pulumi.String("bar"),
ApiUrl: pulumi.String("https://organization.okta.com/oauth2/v1/userinfo"),
AuthUrl: pulumi.String("https://organization.okta.com/oauth2/v1/authorize"),
TokenUrl: pulumi.String("https://organization.okta.com/oauth2/v1/token"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Artifactory = Pulumi.Artifactory;
return await Deployment.RunAsync(() =>
{
// Configure Artifactory OAuth SSO settings
var oauth = new Artifactory.OauthSettings("oauth", new()
{
Enable = true,
PersistUsers = true,
AllowUserToAccessProfile = true,
OauthProviders = new[]
{
new Artifactory.Inputs.OauthSettingsOauthProviderArgs
{
Name = "okta",
Enabled = false,
Type = "openId",
ClientId = "foo",
ClientSecret = "bar",
ApiUrl = "https://organization.okta.com/oauth2/v1/userinfo",
AuthUrl = "https://organization.okta.com/oauth2/v1/authorize",
TokenUrl = "https://organization.okta.com/oauth2/v1/token",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.artifactory.OauthSettings;
import com.pulumi.artifactory.OauthSettingsArgs;
import com.pulumi.artifactory.inputs.OauthSettingsOauthProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Configure Artifactory OAuth SSO settings
var oauth = new OauthSettings("oauth", OauthSettingsArgs.builder()
.enable(true)
.persistUsers(true)
.allowUserToAccessProfile(true)
.oauthProviders(OauthSettingsOauthProviderArgs.builder()
.name("okta")
.enabled(false)
.type("openId")
.clientId("foo")
.clientSecret("bar")
.apiUrl("https://organization.okta.com/oauth2/v1/userinfo")
.authUrl("https://organization.okta.com/oauth2/v1/authorize")
.tokenUrl("https://organization.okta.com/oauth2/v1/token")
.build())
.build());
}
}
resources:
# Configure Artifactory OAuth SSO settings
oauth:
type: artifactory:OauthSettings
properties:
enable: true
persistUsers: true
allowUserToAccessProfile: true
oauthProviders:
- name: okta
enabled: false
type: openId
clientId: foo
clientSecret: bar
apiUrl: https://organization.okta.com/oauth2/v1/userinfo
authUrl: https://organization.okta.com/oauth2/v1/authorize
tokenUrl: https://organization.okta.com/oauth2/v1/token
Create OauthSettings Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new OauthSettings(name: string, args: OauthSettingsArgs, opts?: CustomResourceOptions);@overload
def OauthSettings(resource_name: str,
args: OauthSettingsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def OauthSettings(resource_name: str,
opts: Optional[ResourceOptions] = None,
oauth_providers: Optional[Sequence[OauthSettingsOauthProviderArgs]] = None,
allow_user_to_access_profile: Optional[bool] = None,
enable: Optional[bool] = None,
persist_users: Optional[bool] = None)func NewOauthSettings(ctx *Context, name string, args OauthSettingsArgs, opts ...ResourceOption) (*OauthSettings, error)public OauthSettings(string name, OauthSettingsArgs args, CustomResourceOptions? opts = null)
public OauthSettings(String name, OauthSettingsArgs args)
public OauthSettings(String name, OauthSettingsArgs args, CustomResourceOptions options)
type: artifactory:OauthSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OauthSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OauthSettingsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OauthSettingsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OauthSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OauthSettingsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var oauthSettingsResource = new Artifactory.OauthSettings("oauthSettingsResource", new()
{
OauthProviders = new[]
{
new Artifactory.Inputs.OauthSettingsOauthProviderArgs
{
ApiUrl = "string",
AuthUrl = "string",
ClientId = "string",
ClientSecret = "string",
Name = "string",
TokenUrl = "string",
Type = "string",
Enabled = false,
},
},
AllowUserToAccessProfile = false,
Enable = false,
PersistUsers = false,
});
example, err := artifactory.NewOauthSettings(ctx, "oauthSettingsResource", &artifactory.OauthSettingsArgs{
OauthProviders: artifactory.OauthSettingsOauthProviderArray{
&artifactory.OauthSettingsOauthProviderArgs{
ApiUrl: pulumi.String("string"),
AuthUrl: pulumi.String("string"),
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
Name: pulumi.String("string"),
TokenUrl: pulumi.String("string"),
Type: pulumi.String("string"),
Enabled: pulumi.Bool(false),
},
},
AllowUserToAccessProfile: pulumi.Bool(false),
Enable: pulumi.Bool(false),
PersistUsers: pulumi.Bool(false),
})
var oauthSettingsResource = new OauthSettings("oauthSettingsResource", OauthSettingsArgs.builder()
.oauthProviders(OauthSettingsOauthProviderArgs.builder()
.apiUrl("string")
.authUrl("string")
.clientId("string")
.clientSecret("string")
.name("string")
.tokenUrl("string")
.type("string")
.enabled(false)
.build())
.allowUserToAccessProfile(false)
.enable(false)
.persistUsers(false)
.build());
oauth_settings_resource = artifactory.OauthSettings("oauthSettingsResource",
oauth_providers=[{
"api_url": "string",
"auth_url": "string",
"client_id": "string",
"client_secret": "string",
"name": "string",
"token_url": "string",
"type": "string",
"enabled": False,
}],
allow_user_to_access_profile=False,
enable=False,
persist_users=False)
const oauthSettingsResource = new artifactory.OauthSettings("oauthSettingsResource", {
oauthProviders: [{
apiUrl: "string",
authUrl: "string",
clientId: "string",
clientSecret: "string",
name: "string",
tokenUrl: "string",
type: "string",
enabled: false,
}],
allowUserToAccessProfile: false,
enable: false,
persistUsers: false,
});
type: artifactory:OauthSettings
properties:
allowUserToAccessProfile: false
enable: false
oauthProviders:
- apiUrl: string
authUrl: string
clientId: string
clientSecret: string
enabled: false
name: string
tokenUrl: string
type: string
persistUsers: false
OauthSettings Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The OauthSettings resource accepts the following input properties:
- Oauth
Providers List<OauthSettings Oauth Provider> - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
false. - Enable bool
- Enable OAuth SSO. Default value is
true. - Persist
Users bool - Enable the creation of local Artifactory users. Default value is
false.
- Oauth
Providers []OauthSettings Oauth Provider Args - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
false. - Enable bool
- Enable OAuth SSO. Default value is
true. - Persist
Users bool - Enable the creation of local Artifactory users. Default value is
false.
- oauth
Providers List<OauthSettings Oauth Provider> - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
false. - enable Boolean
- Enable OAuth SSO. Default value is
true. - persist
Users Boolean - Enable the creation of local Artifactory users. Default value is
false.
- oauth
Providers OauthSettings Oauth Provider[] - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- allow
User booleanTo Access Profile - Allow persisted users to access their profile. Default value is
false. - enable boolean
- Enable OAuth SSO. Default value is
true. - persist
Users boolean - Enable the creation of local Artifactory users. Default value is
false.
- oauth_
providers Sequence[OauthSettings Oauth Provider Args] - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- allow_
user_ boolto_ access_ profile - Allow persisted users to access their profile. Default value is
false. - enable bool
- Enable OAuth SSO. Default value is
true. - persist_
users bool - Enable the creation of local Artifactory users. Default value is
false.
- oauth
Providers List<Property Map> - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
false. - enable Boolean
- Enable OAuth SSO. Default value is
true. - persist
Users Boolean - Enable the creation of local Artifactory users. Default value is
false.
Outputs
All input properties are implicitly available as output properties. Additionally, the OauthSettings resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing OauthSettings Resource
Get an existing OauthSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OauthSettingsState, opts?: CustomResourceOptions): OauthSettings@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_user_to_access_profile: Optional[bool] = None,
enable: Optional[bool] = None,
oauth_providers: Optional[Sequence[OauthSettingsOauthProviderArgs]] = None,
persist_users: Optional[bool] = None) -> OauthSettingsfunc GetOauthSettings(ctx *Context, name string, id IDInput, state *OauthSettingsState, opts ...ResourceOption) (*OauthSettings, error)public static OauthSettings Get(string name, Input<string> id, OauthSettingsState? state, CustomResourceOptions? opts = null)public static OauthSettings get(String name, Output<String> id, OauthSettingsState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
false. - Enable bool
- Enable OAuth SSO. Default value is
true. - Oauth
Providers List<OauthSettings Oauth Provider> - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- Persist
Users bool - Enable the creation of local Artifactory users. Default value is
false.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
false. - Enable bool
- Enable OAuth SSO. Default value is
true. - Oauth
Providers []OauthSettings Oauth Provider Args - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- Persist
Users bool - Enable the creation of local Artifactory users. Default value is
false.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
false. - enable Boolean
- Enable OAuth SSO. Default value is
true. - oauth
Providers List<OauthSettings Oauth Provider> - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- persist
Users Boolean - Enable the creation of local Artifactory users. Default value is
false.
- allow
User booleanTo Access Profile - Allow persisted users to access their profile. Default value is
false. - enable boolean
- Enable OAuth SSO. Default value is
true. - oauth
Providers OauthSettings Oauth Provider[] - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- persist
Users boolean - Enable the creation of local Artifactory users. Default value is
false.
- allow_
user_ boolto_ access_ profile - Allow persisted users to access their profile. Default value is
false. - enable bool
- Enable OAuth SSO. Default value is
true. - oauth_
providers Sequence[OauthSettings Oauth Provider Args] - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- persist_
users bool - Enable the creation of local Artifactory users. Default value is
false.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
false. - enable Boolean
- Enable OAuth SSO. Default value is
true. - oauth
Providers List<Property Map> - OAuth provider settings block. Multiple blocks can be defined, at least one is required.
- persist
Users Boolean - Enable the creation of local Artifactory users. Default value is
false.
Supporting Types
OauthSettingsOauthProvider, OauthSettingsOauthProviderArgs
- Api
Url string - OAuth user info endpoint for the IdP.
- Auth
Url string - OAuth authorization endpoint for the IdP.
- Client
Id string - OAuth client ID configured on the IdP.
- Client
Secret string - OAuth client secret configured on the IdP.
- Name string
- Name of the Artifactory OAuth provider.
- Token
Url string - OAuth token endpoint for the IdP.
- Type string
- Type of OAuth provider. (e.g.,
github,google,cloudfoundry, oropenId) - Enabled bool
- Enable the Artifactory OAuth provider. Default value is
true.
- Api
Url string - OAuth user info endpoint for the IdP.
- Auth
Url string - OAuth authorization endpoint for the IdP.
- Client
Id string - OAuth client ID configured on the IdP.
- Client
Secret string - OAuth client secret configured on the IdP.
- Name string
- Name of the Artifactory OAuth provider.
- Token
Url string - OAuth token endpoint for the IdP.
- Type string
- Type of OAuth provider. (e.g.,
github,google,cloudfoundry, oropenId) - Enabled bool
- Enable the Artifactory OAuth provider. Default value is
true.
- api
Url String - OAuth user info endpoint for the IdP.
- auth
Url String - OAuth authorization endpoint for the IdP.
- client
Id String - OAuth client ID configured on the IdP.
- client
Secret String - OAuth client secret configured on the IdP.
- name String
- Name of the Artifactory OAuth provider.
- token
Url String - OAuth token endpoint for the IdP.
- type String
- Type of OAuth provider. (e.g.,
github,google,cloudfoundry, oropenId) - enabled Boolean
- Enable the Artifactory OAuth provider. Default value is
true.
- api
Url string - OAuth user info endpoint for the IdP.
- auth
Url string - OAuth authorization endpoint for the IdP.
- client
Id string - OAuth client ID configured on the IdP.
- client
Secret string - OAuth client secret configured on the IdP.
- name string
- Name of the Artifactory OAuth provider.
- token
Url string - OAuth token endpoint for the IdP.
- type string
- Type of OAuth provider. (e.g.,
github,google,cloudfoundry, oropenId) - enabled boolean
- Enable the Artifactory OAuth provider. Default value is
true.
- api_
url str - OAuth user info endpoint for the IdP.
- auth_
url str - OAuth authorization endpoint for the IdP.
- client_
id str - OAuth client ID configured on the IdP.
- client_
secret str - OAuth client secret configured on the IdP.
- name str
- Name of the Artifactory OAuth provider.
- token_
url str - OAuth token endpoint for the IdP.
- type str
- Type of OAuth provider. (e.g.,
github,google,cloudfoundry, oropenId) - enabled bool
- Enable the Artifactory OAuth provider. Default value is
true.
- api
Url String - OAuth user info endpoint for the IdP.
- auth
Url String - OAuth authorization endpoint for the IdP.
- client
Id String - OAuth client ID configured on the IdP.
- client
Secret String - OAuth client secret configured on the IdP.
- name String
- Name of the Artifactory OAuth provider.
- token
Url String - OAuth token endpoint for the IdP.
- type String
- Type of OAuth provider. (e.g.,
github,google,cloudfoundry, oropenId) - enabled Boolean
- Enable the Artifactory OAuth provider. Default value is
true.
Import
Current OAuth SSO settings can be imported using oauth_settings as the ID.
If the resource is being imported, there will be a state drift, because client_secret can’t be known. There are two options on how to approach this:
- Don’t set
client_secretinitially, import, then update the config with actual secret; - Accept that there is a drift initially and run
pulumi uptwice;
$ pulumi import artifactory:index/oauthSettings:OauthSettings oauth oauth_settings
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- artifactory pulumi/pulumi-artifactory
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
artifactoryTerraform Provider.