artifactory.SamlSettings
Explore with Pulumi AI
This resource can be used to manage Artifactory’s SAML SSO settings.
Only a single artifactory.SamlSettings
resource is meant to be defined.
~>The artifactory.SamlSettings
resource utilizes endpoints which are blocked/removed in SaaS environments (i.e. in Artifactory online), rendering this resource incompatible with Artifactory SaaS environments.
!>This resource is deprecated in favor of platform_saml_settings resource in the Platform provider.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as artifactory from "@pulumi/artifactory";
// Configure Artifactory SAML SSO settings
const saml = new artifactory.SamlSettings("saml", {
enable: true,
serviceProviderName: "okta",
loginUrl: "test-login-url",
logoutUrl: "test-logout-url",
certificate: "test-certificate",
emailAttribute: "email",
groupAttribute: "groups",
noAutoUserCreation: false,
allowUserToAccessProfile: true,
autoRedirect: true,
syncGroups: true,
verifyAudienceRestriction: true,
useEncryptedAssertion: false,
});
import pulumi
import pulumi_artifactory as artifactory
# Configure Artifactory SAML SSO settings
saml = artifactory.SamlSettings("saml",
enable=True,
service_provider_name="okta",
login_url="test-login-url",
logout_url="test-logout-url",
certificate="test-certificate",
email_attribute="email",
group_attribute="groups",
no_auto_user_creation=False,
allow_user_to_access_profile=True,
auto_redirect=True,
sync_groups=True,
verify_audience_restriction=True,
use_encrypted_assertion=False)
package main
import (
"github.com/pulumi/pulumi-artifactory/sdk/v8/go/artifactory"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Configure Artifactory SAML SSO settings
_, err := artifactory.NewSamlSettings(ctx, "saml", &artifactory.SamlSettingsArgs{
Enable: pulumi.Bool(true),
ServiceProviderName: pulumi.String("okta"),
LoginUrl: pulumi.String("test-login-url"),
LogoutUrl: pulumi.String("test-logout-url"),
Certificate: pulumi.String("test-certificate"),
EmailAttribute: pulumi.String("email"),
GroupAttribute: pulumi.String("groups"),
NoAutoUserCreation: pulumi.Bool(false),
AllowUserToAccessProfile: pulumi.Bool(true),
AutoRedirect: pulumi.Bool(true),
SyncGroups: pulumi.Bool(true),
VerifyAudienceRestriction: pulumi.Bool(true),
UseEncryptedAssertion: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Artifactory = Pulumi.Artifactory;
return await Deployment.RunAsync(() =>
{
// Configure Artifactory SAML SSO settings
var saml = new Artifactory.SamlSettings("saml", new()
{
Enable = true,
ServiceProviderName = "okta",
LoginUrl = "test-login-url",
LogoutUrl = "test-logout-url",
Certificate = "test-certificate",
EmailAttribute = "email",
GroupAttribute = "groups",
NoAutoUserCreation = false,
AllowUserToAccessProfile = true,
AutoRedirect = true,
SyncGroups = true,
VerifyAudienceRestriction = true,
UseEncryptedAssertion = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.artifactory.SamlSettings;
import com.pulumi.artifactory.SamlSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Configure Artifactory SAML SSO settings
var saml = new SamlSettings("saml", SamlSettingsArgs.builder()
.enable(true)
.serviceProviderName("okta")
.loginUrl("test-login-url")
.logoutUrl("test-logout-url")
.certificate("test-certificate")
.emailAttribute("email")
.groupAttribute("groups")
.noAutoUserCreation(false)
.allowUserToAccessProfile(true)
.autoRedirect(true)
.syncGroups(true)
.verifyAudienceRestriction(true)
.useEncryptedAssertion(false)
.build());
}
}
resources:
# Configure Artifactory SAML SSO settings
saml:
type: artifactory:SamlSettings
properties:
enable: true
serviceProviderName: okta
loginUrl: test-login-url
logoutUrl: test-logout-url
certificate: test-certificate
emailAttribute: email
groupAttribute: groups
noAutoUserCreation: false
allowUserToAccessProfile: true
autoRedirect: true
syncGroups: true
verifyAudienceRestriction: true
useEncryptedAssertion: false
Create SamlSettings Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SamlSettings(name: string, args: SamlSettingsArgs, opts?: CustomResourceOptions);
@overload
def SamlSettings(resource_name: str,
args: SamlSettingsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SamlSettings(resource_name: str,
opts: Optional[ResourceOptions] = None,
service_provider_name: Optional[str] = None,
login_url: Optional[str] = None,
logout_url: Optional[str] = None,
auto_redirect: Optional[bool] = None,
certificate: Optional[str] = None,
email_attribute: Optional[str] = None,
enable: Optional[bool] = None,
group_attribute: Optional[str] = None,
no_auto_user_creation: Optional[bool] = None,
allow_user_to_access_profile: Optional[bool] = None,
sync_groups: Optional[bool] = None,
use_encrypted_assertion: Optional[bool] = None,
verify_audience_restriction: Optional[bool] = None)
func NewSamlSettings(ctx *Context, name string, args SamlSettingsArgs, opts ...ResourceOption) (*SamlSettings, error)
public SamlSettings(string name, SamlSettingsArgs args, CustomResourceOptions? opts = null)
public SamlSettings(String name, SamlSettingsArgs args)
public SamlSettings(String name, SamlSettingsArgs args, CustomResourceOptions options)
type: artifactory:SamlSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SamlSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SamlSettingsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SamlSettingsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SamlSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SamlSettingsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var samlSettingsResource = new Artifactory.SamlSettings("samlSettingsResource", new()
{
ServiceProviderName = "string",
LoginUrl = "string",
LogoutUrl = "string",
AutoRedirect = false,
Certificate = "string",
EmailAttribute = "string",
Enable = false,
GroupAttribute = "string",
NoAutoUserCreation = false,
AllowUserToAccessProfile = false,
SyncGroups = false,
UseEncryptedAssertion = false,
VerifyAudienceRestriction = false,
});
example, err := artifactory.NewSamlSettings(ctx, "samlSettingsResource", &artifactory.SamlSettingsArgs{
ServiceProviderName: pulumi.String("string"),
LoginUrl: pulumi.String("string"),
LogoutUrl: pulumi.String("string"),
AutoRedirect: pulumi.Bool(false),
Certificate: pulumi.String("string"),
EmailAttribute: pulumi.String("string"),
Enable: pulumi.Bool(false),
GroupAttribute: pulumi.String("string"),
NoAutoUserCreation: pulumi.Bool(false),
AllowUserToAccessProfile: pulumi.Bool(false),
SyncGroups: pulumi.Bool(false),
UseEncryptedAssertion: pulumi.Bool(false),
VerifyAudienceRestriction: pulumi.Bool(false),
})
var samlSettingsResource = new SamlSettings("samlSettingsResource", SamlSettingsArgs.builder()
.serviceProviderName("string")
.loginUrl("string")
.logoutUrl("string")
.autoRedirect(false)
.certificate("string")
.emailAttribute("string")
.enable(false)
.groupAttribute("string")
.noAutoUserCreation(false)
.allowUserToAccessProfile(false)
.syncGroups(false)
.useEncryptedAssertion(false)
.verifyAudienceRestriction(false)
.build());
saml_settings_resource = artifactory.SamlSettings("samlSettingsResource",
service_provider_name="string",
login_url="string",
logout_url="string",
auto_redirect=False,
certificate="string",
email_attribute="string",
enable=False,
group_attribute="string",
no_auto_user_creation=False,
allow_user_to_access_profile=False,
sync_groups=False,
use_encrypted_assertion=False,
verify_audience_restriction=False)
const samlSettingsResource = new artifactory.SamlSettings("samlSettingsResource", {
serviceProviderName: "string",
loginUrl: "string",
logoutUrl: "string",
autoRedirect: false,
certificate: "string",
emailAttribute: "string",
enable: false,
groupAttribute: "string",
noAutoUserCreation: false,
allowUserToAccessProfile: false,
syncGroups: false,
useEncryptedAssertion: false,
verifyAudienceRestriction: false,
});
type: artifactory:SamlSettings
properties:
allowUserToAccessProfile: false
autoRedirect: false
certificate: string
emailAttribute: string
enable: false
groupAttribute: string
loginUrl: string
logoutUrl: string
noAutoUserCreation: false
serviceProviderName: string
syncGroups: false
useEncryptedAssertion: false
verifyAudienceRestriction: false
SamlSettings Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SamlSettings resource accepts the following input properties:
- Login
Url string - Service provider login url configured on the IdP.
- Logout
Url string - Service provider logout url, or where to redirect after user logs out.
- Service
Provider stringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - Auto
Redirect bool - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - Certificate string
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- Email
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- Enable bool
- Enable SAML SSO. Default value is
true
. - Group
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- No
Auto boolUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - Sync
Groups bool - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - Use
Encrypted boolAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - Verify
Audience boolRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- Login
Url string - Service provider login url configured on the IdP.
- Logout
Url string - Service provider logout url, or where to redirect after user logs out.
- Service
Provider stringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - Auto
Redirect bool - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - Certificate string
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- Email
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- Enable bool
- Enable SAML SSO. Default value is
true
. - Group
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- No
Auto boolUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - Sync
Groups bool - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - Use
Encrypted boolAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - Verify
Audience boolRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- login
Url String - Service provider login url configured on the IdP.
- logout
Url String - Service provider logout url, or where to redirect after user logs out.
- service
Provider StringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - auto
Redirect Boolean - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate String
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable Boolean
- Enable SAML SSO. Default value is
true
. - group
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- no
Auto BooleanUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - sync
Groups Boolean - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use
Encrypted BooleanAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify
Audience BooleanRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- login
Url string - Service provider login url configured on the IdP.
- logout
Url string - Service provider logout url, or where to redirect after user logs out.
- service
Provider stringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- allow
User booleanTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - auto
Redirect boolean - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate string
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable boolean
- Enable SAML SSO. Default value is
true
. - group
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- no
Auto booleanUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - sync
Groups boolean - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use
Encrypted booleanAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify
Audience booleanRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- login_
url str - Service provider login url configured on the IdP.
- logout_
url str - Service provider logout url, or where to redirect after user logs out.
- service_
provider_ strname - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- allow_
user_ boolto_ access_ profile - Allow persisted users to access their profile. Default value is
true
. - auto_
redirect bool - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate str
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email_
attribute str - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable bool
- Enable SAML SSO. Default value is
true
. - group_
attribute str - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- no_
auto_ booluser_ creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - sync_
groups bool - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use_
encrypted_ boolassertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify_
audience_ boolrestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- login
Url String - Service provider login url configured on the IdP.
- logout
Url String - Service provider logout url, or where to redirect after user logs out.
- service
Provider StringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - auto
Redirect Boolean - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate String
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable Boolean
- Enable SAML SSO. Default value is
true
. - group
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- no
Auto BooleanUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - sync
Groups Boolean - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use
Encrypted BooleanAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify
Audience BooleanRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
Outputs
All input properties are implicitly available as output properties. Additionally, the SamlSettings resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing SamlSettings Resource
Get an existing SamlSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SamlSettingsState, opts?: CustomResourceOptions): SamlSettings
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_user_to_access_profile: Optional[bool] = None,
auto_redirect: Optional[bool] = None,
certificate: Optional[str] = None,
email_attribute: Optional[str] = None,
enable: Optional[bool] = None,
group_attribute: Optional[str] = None,
login_url: Optional[str] = None,
logout_url: Optional[str] = None,
no_auto_user_creation: Optional[bool] = None,
service_provider_name: Optional[str] = None,
sync_groups: Optional[bool] = None,
use_encrypted_assertion: Optional[bool] = None,
verify_audience_restriction: Optional[bool] = None) -> SamlSettings
func GetSamlSettings(ctx *Context, name string, id IDInput, state *SamlSettingsState, opts ...ResourceOption) (*SamlSettings, error)
public static SamlSettings Get(string name, Input<string> id, SamlSettingsState? state, CustomResourceOptions? opts = null)
public static SamlSettings get(String name, Output<String> id, SamlSettingsState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - Auto
Redirect bool - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - Certificate string
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- Email
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- Enable bool
- Enable SAML SSO. Default value is
true
. - Group
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- Login
Url string - Service provider login url configured on the IdP.
- Logout
Url string - Service provider logout url, or where to redirect after user logs out.
- No
Auto boolUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - Service
Provider stringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- Sync
Groups bool - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - Use
Encrypted boolAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - Verify
Audience boolRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- Allow
User boolTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - Auto
Redirect bool - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - Certificate string
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- Email
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- Enable bool
- Enable SAML SSO. Default value is
true
. - Group
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- Login
Url string - Service provider login url configured on the IdP.
- Logout
Url string - Service provider logout url, or where to redirect after user logs out.
- No
Auto boolUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - Service
Provider stringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- Sync
Groups bool - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - Use
Encrypted boolAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - Verify
Audience boolRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - auto
Redirect Boolean - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate String
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable Boolean
- Enable SAML SSO. Default value is
true
. - group
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- login
Url String - Service provider login url configured on the IdP.
- logout
Url String - Service provider logout url, or where to redirect after user logs out.
- no
Auto BooleanUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - service
Provider StringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- sync
Groups Boolean - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use
Encrypted BooleanAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify
Audience BooleanRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- allow
User booleanTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - auto
Redirect boolean - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate string
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable boolean
- Enable SAML SSO. Default value is
true
. - group
Attribute string - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- login
Url string - Service provider login url configured on the IdP.
- logout
Url string - Service provider logout url, or where to redirect after user logs out.
- no
Auto booleanUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - service
Provider stringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- sync
Groups boolean - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use
Encrypted booleanAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify
Audience booleanRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- allow_
user_ boolto_ access_ profile - Allow persisted users to access their profile. Default value is
true
. - auto_
redirect bool - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate str
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email_
attribute str - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable bool
- Enable SAML SSO. Default value is
true
. - group_
attribute str - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- login_
url str - Service provider login url configured on the IdP.
- logout_
url str - Service provider logout url, or where to redirect after user logs out.
- no_
auto_ booluser_ creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - service_
provider_ strname - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- sync_
groups bool - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use_
encrypted_ boolassertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify_
audience_ boolrestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
- allow
User BooleanTo Access Profile - Allow persisted users to access their profile. Default value is
true
. - auto
Redirect Boolean - Auto redirect to login through the IdP when clicking on Artifactory's login link. Default value is
false
. - certificate String
- SAML certificate that contains the public key for the IdP service provider. Used by Artifactory to verify sign-in requests. Default value is ``.
- email
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's email. Default value is ``.
- enable Boolean
- Enable SAML SSO. Default value is
true
. - group
Attribute String - Name of the attribute in the SAML response from the IdP that contains the user's group memberships. Default value is ``.
- login
Url String - Service provider login url configured on the IdP.
- logout
Url String - Service provider logout url, or where to redirect after user logs out.
- no
Auto BooleanUser Creation - When automatic user creation is off, authenticated users are not automatically created inside Artifactory. Instead, for every request from an SSO user, the user is temporarily associated with default groups (if such groups are defined), and the permissions for these groups apply. Without auto-user creation, you must manually create the user inside Artifactory to manage user permissions not attached to their default groups. Default value is
false
. - service
Provider StringName - The SAML service provider name. This should be a URI that is also known as the entityID, providerID, or entity identity.
- sync
Groups Boolean - Associate user with Artifactory groups based on the
group_attribute
provided in the SAML response from the identity provider. Default value isfalse
. - use
Encrypted BooleanAssertion - When set, an X.509 public certificate will be created by Artifactory. Download this certificate and upload it to your IDP and choose your own encryption algorithm. This process will let you encrypt the assertion section in your SAML response. Default value is
false
. - verify
Audience BooleanRestriction - Enable "audience", or who the SAML assertion is intended for. Ensures that the correct service provider intended for Artifactory is used on the IdP. Default value is
true
.
Import
Current SAML SSO settings can be imported using saml_settings
as the ID
, e.g.
$ pulumi import artifactory:index/samlSettings:SamlSettings saml saml_settings
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- artifactory pulumi/pulumi-artifactory
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
artifactory
Terraform Provider.