fortios.user.Krbkeytab
Explore with Pulumi AI
Configure Kerberos keytab entries.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const trname2 = new fortios.user.Ldap("trname2", {
accountKeyFilter: "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
accountKeyProcessing: "same",
cnid: "cn",
dn: "EIWNCIEW",
groupMemberCheck: "user-attr",
groupObjectFilter: "(&(objectcategory=group)(member=*))",
memberAttr: "memberOf",
passwordExpiryWarning: "disable",
passwordRenewal: "disable",
port: 389,
secure: "disable",
server: "1.1.1.1",
serverIdentityCheck: "disable",
sourceIp: "0.0.0.0",
sslMinProtoVersion: "default",
type: "simple",
});
const trname = new fortios.user.Krbkeytab("trname", {
keytab: "ZXdlY2VxcmVxd3Jld3E=",
ldapServer: trname2.name,
principal: "testprin",
});
import pulumi
import pulumiverse_fortios as fortios
trname2 = fortios.user.Ldap("trname2",
account_key_filter="(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
account_key_processing="same",
cnid="cn",
dn="EIWNCIEW",
group_member_check="user-attr",
group_object_filter="(&(objectcategory=group)(member=*))",
member_attr="memberOf",
password_expiry_warning="disable",
password_renewal="disable",
port=389,
secure="disable",
server="1.1.1.1",
server_identity_check="disable",
source_ip="0.0.0.0",
ssl_min_proto_version="default",
type="simple")
trname = fortios.user.Krbkeytab("trname",
keytab="ZXdlY2VxcmVxd3Jld3E=",
ldap_server=trname2.name,
principal="testprin")
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/user"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
trname2, err := user.NewLdap(ctx, "trname2", &user.LdapArgs{
AccountKeyFilter: pulumi.String("(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))"),
AccountKeyProcessing: pulumi.String("same"),
Cnid: pulumi.String("cn"),
Dn: pulumi.String("EIWNCIEW"),
GroupMemberCheck: pulumi.String("user-attr"),
GroupObjectFilter: pulumi.String("(&(objectcategory=group)(member=*))"),
MemberAttr: pulumi.String("memberOf"),
PasswordExpiryWarning: pulumi.String("disable"),
PasswordRenewal: pulumi.String("disable"),
Port: pulumi.Int(389),
Secure: pulumi.String("disable"),
Server: pulumi.String("1.1.1.1"),
ServerIdentityCheck: pulumi.String("disable"),
SourceIp: pulumi.String("0.0.0.0"),
SslMinProtoVersion: pulumi.String("default"),
Type: pulumi.String("simple"),
})
if err != nil {
return err
}
_, err = user.NewKrbkeytab(ctx, "trname", &user.KrbkeytabArgs{
Keytab: pulumi.String("ZXdlY2VxcmVxd3Jld3E="),
LdapServer: trname2.Name,
Principal: pulumi.String("testprin"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var trname2 = new Fortios.User.Ldap("trname2", new()
{
AccountKeyFilter = "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
AccountKeyProcessing = "same",
Cnid = "cn",
Dn = "EIWNCIEW",
GroupMemberCheck = "user-attr",
GroupObjectFilter = "(&(objectcategory=group)(member=*))",
MemberAttr = "memberOf",
PasswordExpiryWarning = "disable",
PasswordRenewal = "disable",
Port = 389,
Secure = "disable",
Server = "1.1.1.1",
ServerIdentityCheck = "disable",
SourceIp = "0.0.0.0",
SslMinProtoVersion = "default",
Type = "simple",
});
var trname = new Fortios.User.Krbkeytab("trname", new()
{
Keytab = "ZXdlY2VxcmVxd3Jld3E=",
LdapServer = trname2.Name,
Principal = "testprin",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.user.Ldap;
import com.pulumi.fortios.user.LdapArgs;
import com.pulumi.fortios.user.Krbkeytab;
import com.pulumi.fortios.user.KrbkeytabArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trname2 = new Ldap("trname2", LdapArgs.builder()
.accountKeyFilter("(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))")
.accountKeyProcessing("same")
.cnid("cn")
.dn("EIWNCIEW")
.groupMemberCheck("user-attr")
.groupObjectFilter("(&(objectcategory=group)(member=*))")
.memberAttr("memberOf")
.passwordExpiryWarning("disable")
.passwordRenewal("disable")
.port(389)
.secure("disable")
.server("1.1.1.1")
.serverIdentityCheck("disable")
.sourceIp("0.0.0.0")
.sslMinProtoVersion("default")
.type("simple")
.build());
var trname = new Krbkeytab("trname", KrbkeytabArgs.builder()
.keytab("ZXdlY2VxcmVxd3Jld3E=")
.ldapServer(trname2.name())
.principal("testprin")
.build());
}
}
resources:
trname2:
type: fortios:user:Ldap
properties:
accountKeyFilter: (&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
accountKeyProcessing: same
cnid: cn
dn: EIWNCIEW
groupMemberCheck: user-attr
groupObjectFilter: (&(objectcategory=group)(member=*))
memberAttr: memberOf
passwordExpiryWarning: disable
passwordRenewal: disable
port: 389
secure: disable
server: 1.1.1.1
serverIdentityCheck: disable
sourceIp: 0.0.0.0
sslMinProtoVersion: default
type: simple
trname:
type: fortios:user:Krbkeytab
properties:
keytab: ZXdlY2VxcmVxd3Jld3E=
ldapServer: ${trname2.name}
principal: testprin
Create Krbkeytab Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Krbkeytab(name: string, args: KrbkeytabArgs, opts?: CustomResourceOptions);
@overload
def Krbkeytab(resource_name: str,
args: KrbkeytabArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Krbkeytab(resource_name: str,
opts: Optional[ResourceOptions] = None,
keytab: Optional[str] = None,
ldap_server: Optional[str] = None,
principal: Optional[str] = None,
name: Optional[str] = None,
pac_data: Optional[str] = None,
vdomparam: Optional[str] = None)
func NewKrbkeytab(ctx *Context, name string, args KrbkeytabArgs, opts ...ResourceOption) (*Krbkeytab, error)
public Krbkeytab(string name, KrbkeytabArgs args, CustomResourceOptions? opts = null)
public Krbkeytab(String name, KrbkeytabArgs args)
public Krbkeytab(String name, KrbkeytabArgs args, CustomResourceOptions options)
type: fortios:user:Krbkeytab
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args KrbkeytabArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args KrbkeytabArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args KrbkeytabArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args KrbkeytabArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args KrbkeytabArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var krbkeytabResource = new Fortios.User.Krbkeytab("krbkeytabResource", new()
{
Keytab = "string",
LdapServer = "string",
Principal = "string",
Name = "string",
PacData = "string",
Vdomparam = "string",
});
example, err := user.NewKrbkeytab(ctx, "krbkeytabResource", &user.KrbkeytabArgs{
Keytab: pulumi.String("string"),
LdapServer: pulumi.String("string"),
Principal: pulumi.String("string"),
Name: pulumi.String("string"),
PacData: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
})
var krbkeytabResource = new Krbkeytab("krbkeytabResource", KrbkeytabArgs.builder()
.keytab("string")
.ldapServer("string")
.principal("string")
.name("string")
.pacData("string")
.vdomparam("string")
.build());
krbkeytab_resource = fortios.user.Krbkeytab("krbkeytabResource",
keytab="string",
ldap_server="string",
principal="string",
name="string",
pac_data="string",
vdomparam="string")
const krbkeytabResource = new fortios.user.Krbkeytab("krbkeytabResource", {
keytab: "string",
ldapServer: "string",
principal: "string",
name: "string",
pacData: "string",
vdomparam: "string",
});
type: fortios:user:Krbkeytab
properties:
keytab: string
ldapServer: string
name: string
pacData: string
principal: string
vdomparam: string
Krbkeytab Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Krbkeytab resource accepts the following input properties:
- Keytab string
- base64 coded keytab file containing a pre-shared key.
- Ldap
Server string - LDAP server name.
- Principal string
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- Name string
- Kerberos keytab entry name.
- Pac
Data string - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Keytab string
- base64 coded keytab file containing a pre-shared key.
- Ldap
Server string - LDAP server name.
- Principal string
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- Name string
- Kerberos keytab entry name.
- Pac
Data string - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab String
- base64 coded keytab file containing a pre-shared key.
- ldap
Server String - LDAP server name.
- principal String
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- name String
- Kerberos keytab entry name.
- pac
Data String - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab string
- base64 coded keytab file containing a pre-shared key.
- ldap
Server string - LDAP server name.
- principal string
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- name string
- Kerberos keytab entry name.
- pac
Data string - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab str
- base64 coded keytab file containing a pre-shared key.
- ldap_
server str - LDAP server name.
- principal str
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- name str
- Kerberos keytab entry name.
- pac_
data str - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab String
- base64 coded keytab file containing a pre-shared key.
- ldap
Server String - LDAP server name.
- principal String
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- name String
- Kerberos keytab entry name.
- pac
Data String - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Outputs
All input properties are implicitly available as output properties. Additionally, the Krbkeytab resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Krbkeytab Resource
Get an existing Krbkeytab resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: KrbkeytabState, opts?: CustomResourceOptions): Krbkeytab
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
keytab: Optional[str] = None,
ldap_server: Optional[str] = None,
name: Optional[str] = None,
pac_data: Optional[str] = None,
principal: Optional[str] = None,
vdomparam: Optional[str] = None) -> Krbkeytab
func GetKrbkeytab(ctx *Context, name string, id IDInput, state *KrbkeytabState, opts ...ResourceOption) (*Krbkeytab, error)
public static Krbkeytab Get(string name, Input<string> id, KrbkeytabState? state, CustomResourceOptions? opts = null)
public static Krbkeytab get(String name, Output<String> id, KrbkeytabState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Keytab string
- base64 coded keytab file containing a pre-shared key.
- Ldap
Server string - LDAP server name.
- Name string
- Kerberos keytab entry name.
- Pac
Data string - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - Principal string
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Keytab string
- base64 coded keytab file containing a pre-shared key.
- Ldap
Server string - LDAP server name.
- Name string
- Kerberos keytab entry name.
- Pac
Data string - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - Principal string
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab String
- base64 coded keytab file containing a pre-shared key.
- ldap
Server String - LDAP server name.
- name String
- Kerberos keytab entry name.
- pac
Data String - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - principal String
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab string
- base64 coded keytab file containing a pre-shared key.
- ldap
Server string - LDAP server name.
- name string
- Kerberos keytab entry name.
- pac
Data string - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - principal string
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab str
- base64 coded keytab file containing a pre-shared key.
- ldap_
server str - LDAP server name.
- name str
- Kerberos keytab entry name.
- pac_
data str - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - principal str
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- keytab String
- base64 coded keytab file containing a pre-shared key.
- ldap
Server String - LDAP server name.
- name String
- Kerberos keytab entry name.
- pac
Data String - Enable/disable parsing PAC data in the ticket. Valid values:
enable
,disable
. - principal String
- Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Import
User KrbKeytab can be imported using any of these accepted formats:
$ pulumi import fortios:user/krbkeytab:Krbkeytab labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:user/krbkeytab:Krbkeytab labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.