consul.AclAuthMethod
Explore with Pulumi AI
Starting with Consul 1.5.0, the consul.AclAuthMethod
resource can be used to managed Consul ACL auth methods.
Example Usage
Define a kubernetes
auth method:
import * as pulumi from "@pulumi/pulumi";
import * as consul from "@pulumi/consul";
const minikube = new consul.AclAuthMethod("minikube", {
name: "minikube",
type: "kubernetes",
description: "dev minikube cluster",
configJson: JSON.stringify({
Host: "https://192.0.2.42:8443",
CACert: `-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
`,
ServiceAccountJWT: "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
}),
});
import pulumi
import json
import pulumi_consul as consul
minikube = consul.AclAuthMethod("minikube",
name="minikube",
type="kubernetes",
description="dev minikube cluster",
config_json=json.dumps({
"Host": "https://192.0.2.42:8443",
"CACert": """-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
""",
"ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
}))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
tmpJSON0, err := json.Marshal(map[string]interface{}{
"Host": "https://192.0.2.42:8443",
"CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",
"ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = consul.NewAclAuthMethod(ctx, "minikube", &consul.AclAuthMethodArgs{
Name: pulumi.String("minikube"),
Type: pulumi.String("kubernetes"),
Description: pulumi.String("dev minikube cluster"),
ConfigJson: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Consul = Pulumi.Consul;
return await Deployment.RunAsync(() =>
{
var minikube = new Consul.AclAuthMethod("minikube", new()
{
Name = "minikube",
Type = "kubernetes",
Description = "dev minikube cluster",
ConfigJson = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["Host"] = "https://192.0.2.42:8443",
["CACert"] = @"-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
",
["ServiceAccountJWT"] = "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.consul.AclAuthMethod;
import com.pulumi.consul.AclAuthMethodArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var minikube = new AclAuthMethod("minikube", AclAuthMethodArgs.builder()
.name("minikube")
.type("kubernetes")
.description("dev minikube cluster")
.configJson(serializeJson(
jsonObject(
jsonProperty("Host", "https://192.0.2.42:8443"),
jsonProperty("CACert", """
-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
"""),
jsonProperty("ServiceAccountJWT", "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...")
)))
.build());
}
}
resources:
minikube:
type: consul:AclAuthMethod
properties:
name: minikube
type: kubernetes
description: dev minikube cluster
configJson:
fn::toJSON:
Host: https://192.0.2.42:8443
CACert: |
-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
ServiceAccountJWT: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...
Define a jwt
auth method:
import * as pulumi from "@pulumi/pulumi";
import * as consul from "@pulumi/consul";
const oidc = new consul.AclAuthMethod("oidc", {
name: "auth0",
type: "oidc",
maxTokenTtl: "5m",
configJson: JSON.stringify({
AllowedRedirectURIs: [
"http://localhost:8550/oidc/callback",
"http://localhost:8500/ui/oidc/callback",
],
BoundAudiences: ["V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt"],
ClaimMappings: {
"http://example.com/first_name": "first_name",
"http://example.com/last_name": "last_name",
},
ListClaimMappings: {
"http://consul.com/groups": "groups",
},
OIDCClientID: "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
OIDCClientSecret: "...(omitted)...",
OIDCDiscoveryURL: "https://my-corp-app-name.auth0.com/",
}),
});
import pulumi
import json
import pulumi_consul as consul
oidc = consul.AclAuthMethod("oidc",
name="auth0",
type="oidc",
max_token_ttl="5m",
config_json=json.dumps({
"AllowedRedirectURIs": [
"http://localhost:8550/oidc/callback",
"http://localhost:8500/ui/oidc/callback",
],
"BoundAudiences": ["V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt"],
"ClaimMappings": {
"http://example.com/first_name": "first_name",
"http://example.com/last_name": "last_name",
},
"ListClaimMappings": {
"http://consul.com/groups": "groups",
},
"OIDCClientID": "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
"OIDCClientSecret": "...(omitted)...",
"OIDCDiscoveryURL": "https://my-corp-app-name.auth0.com/",
}))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
tmpJSON0, err := json.Marshal(map[string]interface{}{
"AllowedRedirectURIs": []string{
"http://localhost:8550/oidc/callback",
"http://localhost:8500/ui/oidc/callback",
},
"BoundAudiences": []string{
"V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
},
"ClaimMappings": map[string]interface{}{
"http://example.com/first_name": "first_name",
"http://example.com/last_name": "last_name",
},
"ListClaimMappings": map[string]interface{}{
"http://consul.com/groups": "groups",
},
"OIDCClientID": "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
"OIDCClientSecret": "...(omitted)...",
"OIDCDiscoveryURL": "https://my-corp-app-name.auth0.com/",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = consul.NewAclAuthMethod(ctx, "oidc", &consul.AclAuthMethodArgs{
Name: pulumi.String("auth0"),
Type: pulumi.String("oidc"),
MaxTokenTtl: pulumi.String("5m"),
ConfigJson: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Consul = Pulumi.Consul;
return await Deployment.RunAsync(() =>
{
var oidc = new Consul.AclAuthMethod("oidc", new()
{
Name = "auth0",
Type = "oidc",
MaxTokenTtl = "5m",
ConfigJson = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["AllowedRedirectURIs"] = new[]
{
"http://localhost:8550/oidc/callback",
"http://localhost:8500/ui/oidc/callback",
},
["BoundAudiences"] = new[]
{
"V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
},
["ClaimMappings"] = new Dictionary<string, object?>
{
["http://example.com/first_name"] = "first_name",
["http://example.com/last_name"] = "last_name",
},
["ListClaimMappings"] = new Dictionary<string, object?>
{
["http://consul.com/groups"] = "groups",
},
["OIDCClientID"] = "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
["OIDCClientSecret"] = "...(omitted)...",
["OIDCDiscoveryURL"] = "https://my-corp-app-name.auth0.com/",
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.consul.AclAuthMethod;
import com.pulumi.consul.AclAuthMethodArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var oidc = new AclAuthMethod("oidc", AclAuthMethodArgs.builder()
.name("auth0")
.type("oidc")
.maxTokenTtl("5m")
.configJson(serializeJson(
jsonObject(
jsonProperty("AllowedRedirectURIs", jsonArray(
"http://localhost:8550/oidc/callback",
"http://localhost:8500/ui/oidc/callback"
)),
jsonProperty("BoundAudiences", jsonArray("V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt")),
jsonProperty("ClaimMappings", jsonObject(
jsonProperty("http://example.com/first_name", "first_name"),
jsonProperty("http://example.com/last_name", "last_name")
)),
jsonProperty("ListClaimMappings", jsonObject(
jsonProperty("http://consul.com/groups", "groups")
)),
jsonProperty("OIDCClientID", "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt"),
jsonProperty("OIDCClientSecret", "...(omitted)..."),
jsonProperty("OIDCDiscoveryURL", "https://my-corp-app-name.auth0.com/")
)))
.build());
}
}
resources:
oidc:
type: consul:AclAuthMethod
properties:
name: auth0
type: oidc
maxTokenTtl: 5m
configJson:
fn::toJSON:
AllowedRedirectURIs:
- http://localhost:8550/oidc/callback
- http://localhost:8500/ui/oidc/callback
BoundAudiences:
- V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt
ClaimMappings:
http://example.com/first_name: first_name
http://example.com/last_name: last_name
ListClaimMappings:
http://consul.com/groups: groups
OIDCClientID: V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt
OIDCClientSecret: '...(omitted)...'
OIDCDiscoveryURL: https://my-corp-app-name.auth0.com/
Create AclAuthMethod Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AclAuthMethod(name: string, args: AclAuthMethodArgs, opts?: CustomResourceOptions);
@overload
def AclAuthMethod(resource_name: str,
args: AclAuthMethodArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AclAuthMethod(resource_name: str,
opts: Optional[ResourceOptions] = None,
type: Optional[str] = None,
config: Optional[Mapping[str, str]] = None,
config_json: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
max_token_ttl: Optional[str] = None,
name: Optional[str] = None,
namespace: Optional[str] = None,
namespace_rules: Optional[Sequence[AclAuthMethodNamespaceRuleArgs]] = None,
partition: Optional[str] = None,
token_locality: Optional[str] = None)
func NewAclAuthMethod(ctx *Context, name string, args AclAuthMethodArgs, opts ...ResourceOption) (*AclAuthMethod, error)
public AclAuthMethod(string name, AclAuthMethodArgs args, CustomResourceOptions? opts = null)
public AclAuthMethod(String name, AclAuthMethodArgs args)
public AclAuthMethod(String name, AclAuthMethodArgs args, CustomResourceOptions options)
type: consul:AclAuthMethod
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AclAuthMethodArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AclAuthMethodArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AclAuthMethodArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AclAuthMethodArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AclAuthMethodArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var aclAuthMethodResource = new Consul.AclAuthMethod("aclAuthMethodResource", new()
{
Type = "string",
ConfigJson = "string",
Description = "string",
DisplayName = "string",
MaxTokenTtl = "string",
Name = "string",
Namespace = "string",
NamespaceRules = new[]
{
new Consul.Inputs.AclAuthMethodNamespaceRuleArgs
{
BindNamespace = "string",
Selector = "string",
},
},
Partition = "string",
TokenLocality = "string",
});
example, err := consul.NewAclAuthMethod(ctx, "aclAuthMethodResource", &consul.AclAuthMethodArgs{
Type: pulumi.String("string"),
ConfigJson: pulumi.String("string"),
Description: pulumi.String("string"),
DisplayName: pulumi.String("string"),
MaxTokenTtl: pulumi.String("string"),
Name: pulumi.String("string"),
Namespace: pulumi.String("string"),
NamespaceRules: consul.AclAuthMethodNamespaceRuleArray{
&consul.AclAuthMethodNamespaceRuleArgs{
BindNamespace: pulumi.String("string"),
Selector: pulumi.String("string"),
},
},
Partition: pulumi.String("string"),
TokenLocality: pulumi.String("string"),
})
var aclAuthMethodResource = new AclAuthMethod("aclAuthMethodResource", AclAuthMethodArgs.builder()
.type("string")
.configJson("string")
.description("string")
.displayName("string")
.maxTokenTtl("string")
.name("string")
.namespace("string")
.namespaceRules(AclAuthMethodNamespaceRuleArgs.builder()
.bindNamespace("string")
.selector("string")
.build())
.partition("string")
.tokenLocality("string")
.build());
acl_auth_method_resource = consul.AclAuthMethod("aclAuthMethodResource",
type="string",
config_json="string",
description="string",
display_name="string",
max_token_ttl="string",
name="string",
namespace="string",
namespace_rules=[{
"bind_namespace": "string",
"selector": "string",
}],
partition="string",
token_locality="string")
const aclAuthMethodResource = new consul.AclAuthMethod("aclAuthMethodResource", {
type: "string",
configJson: "string",
description: "string",
displayName: "string",
maxTokenTtl: "string",
name: "string",
namespace: "string",
namespaceRules: [{
bindNamespace: "string",
selector: "string",
}],
partition: "string",
tokenLocality: "string",
});
type: consul:AclAuthMethod
properties:
configJson: string
description: string
displayName: string
maxTokenTtl: string
name: string
namespace: string
namespaceRules:
- bindNamespace: string
selector: string
partition: string
tokenLocality: string
type: string
AclAuthMethod Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AclAuthMethod resource accepts the following input properties:
- Type string
- The type of the ACL auth method.
- Config Dictionary<string, string>
- The raw configuration for this ACL auth method.
- Config
Json string - The raw configuration for this ACL auth method.
- Description string
- A free form human readable description of the auth method.
- Display
Name string - An optional name to use instead of the name attribute when displaying information about this auth method.
- Max
Token stringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- Name string
- The name of the ACL auth method.
- Namespace string
- The namespace in which to create the auth method.
- Namespace
Rules List<AclAuth Method Namespace Rule> - A set of rules that control which namespace tokens created via this auth method will be created within.
- Partition string
- The partition the ACL auth method is associated with.
- Token
Locality string - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- Type string
- The type of the ACL auth method.
- Config map[string]string
- The raw configuration for this ACL auth method.
- Config
Json string - The raw configuration for this ACL auth method.
- Description string
- A free form human readable description of the auth method.
- Display
Name string - An optional name to use instead of the name attribute when displaying information about this auth method.
- Max
Token stringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- Name string
- The name of the ACL auth method.
- Namespace string
- The namespace in which to create the auth method.
- Namespace
Rules []AclAuth Method Namespace Rule Args - A set of rules that control which namespace tokens created via this auth method will be created within.
- Partition string
- The partition the ACL auth method is associated with.
- Token
Locality string - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type String
- The type of the ACL auth method.
- config Map<String,String>
- The raw configuration for this ACL auth method.
- config
Json String - The raw configuration for this ACL auth method.
- description String
- A free form human readable description of the auth method.
- display
Name String - An optional name to use instead of the name attribute when displaying information about this auth method.
- max
Token StringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name String
- The name of the ACL auth method.
- namespace String
- The namespace in which to create the auth method.
- namespace
Rules List<AclAuth Method Namespace Rule> - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition String
- The partition the ACL auth method is associated with.
- token
Locality String - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type string
- The type of the ACL auth method.
- config {[key: string]: string}
- The raw configuration for this ACL auth method.
- config
Json string - The raw configuration for this ACL auth method.
- description string
- A free form human readable description of the auth method.
- display
Name string - An optional name to use instead of the name attribute when displaying information about this auth method.
- max
Token stringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name string
- The name of the ACL auth method.
- namespace string
- The namespace in which to create the auth method.
- namespace
Rules AclAuth Method Namespace Rule[] - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition string
- The partition the ACL auth method is associated with.
- token
Locality string - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type str
- The type of the ACL auth method.
- config Mapping[str, str]
- The raw configuration for this ACL auth method.
- config_
json str - The raw configuration for this ACL auth method.
- description str
- A free form human readable description of the auth method.
- display_
name str - An optional name to use instead of the name attribute when displaying information about this auth method.
- max_
token_ strttl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name str
- The name of the ACL auth method.
- namespace str
- The namespace in which to create the auth method.
- namespace_
rules Sequence[AclAuth Method Namespace Rule Args] - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition str
- The partition the ACL auth method is associated with.
- token_
locality str - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type String
- The type of the ACL auth method.
- config Map<String>
- The raw configuration for this ACL auth method.
- config
Json String - The raw configuration for this ACL auth method.
- description String
- A free form human readable description of the auth method.
- display
Name String - An optional name to use instead of the name attribute when displaying information about this auth method.
- max
Token StringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name String
- The name of the ACL auth method.
- namespace String
- The namespace in which to create the auth method.
- namespace
Rules List<Property Map> - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition String
- The partition the ACL auth method is associated with.
- token
Locality String - The kind of token that this auth method produces. This can be either 'local' or 'global'.
Outputs
All input properties are implicitly available as output properties. Additionally, the AclAuthMethod resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AclAuthMethod Resource
Get an existing AclAuthMethod resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AclAuthMethodState, opts?: CustomResourceOptions): AclAuthMethod
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
config: Optional[Mapping[str, str]] = None,
config_json: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
max_token_ttl: Optional[str] = None,
name: Optional[str] = None,
namespace: Optional[str] = None,
namespace_rules: Optional[Sequence[AclAuthMethodNamespaceRuleArgs]] = None,
partition: Optional[str] = None,
token_locality: Optional[str] = None,
type: Optional[str] = None) -> AclAuthMethod
func GetAclAuthMethod(ctx *Context, name string, id IDInput, state *AclAuthMethodState, opts ...ResourceOption) (*AclAuthMethod, error)
public static AclAuthMethod Get(string name, Input<string> id, AclAuthMethodState? state, CustomResourceOptions? opts = null)
public static AclAuthMethod get(String name, Output<String> id, AclAuthMethodState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Config Dictionary<string, string>
- The raw configuration for this ACL auth method.
- Config
Json string - The raw configuration for this ACL auth method.
- Description string
- A free form human readable description of the auth method.
- Display
Name string - An optional name to use instead of the name attribute when displaying information about this auth method.
- Max
Token stringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- Name string
- The name of the ACL auth method.
- Namespace string
- The namespace in which to create the auth method.
- Namespace
Rules List<AclAuth Method Namespace Rule> - A set of rules that control which namespace tokens created via this auth method will be created within.
- Partition string
- The partition the ACL auth method is associated with.
- Token
Locality string - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- Type string
- The type of the ACL auth method.
- Config map[string]string
- The raw configuration for this ACL auth method.
- Config
Json string - The raw configuration for this ACL auth method.
- Description string
- A free form human readable description of the auth method.
- Display
Name string - An optional name to use instead of the name attribute when displaying information about this auth method.
- Max
Token stringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- Name string
- The name of the ACL auth method.
- Namespace string
- The namespace in which to create the auth method.
- Namespace
Rules []AclAuth Method Namespace Rule Args - A set of rules that control which namespace tokens created via this auth method will be created within.
- Partition string
- The partition the ACL auth method is associated with.
- Token
Locality string - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- Type string
- The type of the ACL auth method.
- config Map<String,String>
- The raw configuration for this ACL auth method.
- config
Json String - The raw configuration for this ACL auth method.
- description String
- A free form human readable description of the auth method.
- display
Name String - An optional name to use instead of the name attribute when displaying information about this auth method.
- max
Token StringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name String
- The name of the ACL auth method.
- namespace String
- The namespace in which to create the auth method.
- namespace
Rules List<AclAuth Method Namespace Rule> - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition String
- The partition the ACL auth method is associated with.
- token
Locality String - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type String
- The type of the ACL auth method.
- config {[key: string]: string}
- The raw configuration for this ACL auth method.
- config
Json string - The raw configuration for this ACL auth method.
- description string
- A free form human readable description of the auth method.
- display
Name string - An optional name to use instead of the name attribute when displaying information about this auth method.
- max
Token stringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name string
- The name of the ACL auth method.
- namespace string
- The namespace in which to create the auth method.
- namespace
Rules AclAuth Method Namespace Rule[] - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition string
- The partition the ACL auth method is associated with.
- token
Locality string - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type string
- The type of the ACL auth method.
- config Mapping[str, str]
- The raw configuration for this ACL auth method.
- config_
json str - The raw configuration for this ACL auth method.
- description str
- A free form human readable description of the auth method.
- display_
name str - An optional name to use instead of the name attribute when displaying information about this auth method.
- max_
token_ strttl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name str
- The name of the ACL auth method.
- namespace str
- The namespace in which to create the auth method.
- namespace_
rules Sequence[AclAuth Method Namespace Rule Args] - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition str
- The partition the ACL auth method is associated with.
- token_
locality str - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type str
- The type of the ACL auth method.
- config Map<String>
- The raw configuration for this ACL auth method.
- config
Json String - The raw configuration for this ACL auth method.
- description String
- A free form human readable description of the auth method.
- display
Name String - An optional name to use instead of the name attribute when displaying information about this auth method.
- max
Token StringTtl - The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
- name String
- The name of the ACL auth method.
- namespace String
- The namespace in which to create the auth method.
- namespace
Rules List<Property Map> - A set of rules that control which namespace tokens created via this auth method will be created within.
- partition String
- The partition the ACL auth method is associated with.
- token
Locality String - The kind of token that this auth method produces. This can be either 'local' or 'global'.
- type String
- The type of the ACL auth method.
Supporting Types
AclAuthMethodNamespaceRule, AclAuthMethodNamespaceRuleArgs
- Bind
Namespace string - If the namespace rule's
selector
matches then this is used to control the namespace where the token is created. - Selector string
- Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
- Bind
Namespace string - If the namespace rule's
selector
matches then this is used to control the namespace where the token is created. - Selector string
- Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
- bind
Namespace String - If the namespace rule's
selector
matches then this is used to control the namespace where the token is created. - selector String
- Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
- bind
Namespace string - If the namespace rule's
selector
matches then this is used to control the namespace where the token is created. - selector string
- Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
- bind_
namespace str - If the namespace rule's
selector
matches then this is used to control the namespace where the token is created. - selector str
- Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
- bind
Namespace String - If the namespace rule's
selector
matches then this is used to control the namespace where the token is created. - selector String
- Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
Package Details
- Repository
- HashiCorp Consul pulumi/pulumi-consul
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
consul
Terraform Provider.