fortios.user.Saml
Explore with Pulumi AI
SAML server entry configuration. Applies to FortiOS Version >= 6.2.4
.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const tr3 = new fortios.user.Saml("tr3", {
cert: "Fortinet_Factory",
entityId: "https://1.1.1.1",
idpCert: "cer11",
idpEntityId: "https://1.1.1.1/acc",
idpSingleLogoutUrl: "https://1.1.1.1/lo",
idpSingleSignOnUrl: "https://1.1.1.1/sou",
singleLogoutUrl: "https://1.1.1.1/logout",
singleSignOnUrl: "https://1.1.1.1/sign",
userName: "ad111",
});
import pulumi
import pulumiverse_fortios as fortios
tr3 = fortios.user.Saml("tr3",
cert="Fortinet_Factory",
entity_id="https://1.1.1.1",
idp_cert="cer11",
idp_entity_id="https://1.1.1.1/acc",
idp_single_logout_url="https://1.1.1.1/lo",
idp_single_sign_on_url="https://1.1.1.1/sou",
single_logout_url="https://1.1.1.1/logout",
single_sign_on_url="https://1.1.1.1/sign",
user_name="ad111")
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/user"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := user.NewSaml(ctx, "tr3", &user.SamlArgs{
Cert: pulumi.String("Fortinet_Factory"),
EntityId: pulumi.String("https://1.1.1.1"),
IdpCert: pulumi.String("cer11"),
IdpEntityId: pulumi.String("https://1.1.1.1/acc"),
IdpSingleLogoutUrl: pulumi.String("https://1.1.1.1/lo"),
IdpSingleSignOnUrl: pulumi.String("https://1.1.1.1/sou"),
SingleLogoutUrl: pulumi.String("https://1.1.1.1/logout"),
SingleSignOnUrl: pulumi.String("https://1.1.1.1/sign"),
UserName: pulumi.String("ad111"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var tr3 = new Fortios.User.Saml("tr3", new()
{
Cert = "Fortinet_Factory",
EntityId = "https://1.1.1.1",
IdpCert = "cer11",
IdpEntityId = "https://1.1.1.1/acc",
IdpSingleLogoutUrl = "https://1.1.1.1/lo",
IdpSingleSignOnUrl = "https://1.1.1.1/sou",
SingleLogoutUrl = "https://1.1.1.1/logout",
SingleSignOnUrl = "https://1.1.1.1/sign",
UserName = "ad111",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.user.Saml;
import com.pulumi.fortios.user.SamlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var tr3 = new Saml("tr3", SamlArgs.builder()
.cert("Fortinet_Factory")
.entityId("https://1.1.1.1")
.idpCert("cer11")
.idpEntityId("https://1.1.1.1/acc")
.idpSingleLogoutUrl("https://1.1.1.1/lo")
.idpSingleSignOnUrl("https://1.1.1.1/sou")
.singleLogoutUrl("https://1.1.1.1/logout")
.singleSignOnUrl("https://1.1.1.1/sign")
.userName("ad111")
.build());
}
}
resources:
tr3:
type: fortios:user:Saml
properties:
cert: Fortinet_Factory
entityId: https://1.1.1.1
idpCert: cer11
idpEntityId: https://1.1.1.1/acc
idpSingleLogoutUrl: https://1.1.1.1/lo
idpSingleSignOnUrl: https://1.1.1.1/sou
singleLogoutUrl: https://1.1.1.1/logout
singleSignOnUrl: https://1.1.1.1/sign
userName: ad111
Create Saml Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Saml(name: string, args: SamlArgs, opts?: CustomResourceOptions);
@overload
def Saml(resource_name: str,
args: SamlArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Saml(resource_name: str,
opts: Optional[ResourceOptions] = None,
entity_id: Optional[str] = None,
single_sign_on_url: Optional[str] = None,
idp_single_sign_on_url: Optional[str] = None,
idp_entity_id: Optional[str] = None,
idp_cert: Optional[str] = None,
idp_single_logout_url: Optional[str] = None,
limit_relaystate: Optional[str] = None,
group_name: Optional[str] = None,
digest_method: Optional[str] = None,
clock_tolerance: Optional[int] = None,
adfs_claim: Optional[str] = None,
cert: Optional[str] = None,
group_claim_type: Optional[str] = None,
name: Optional[str] = None,
reauth: Optional[str] = None,
single_logout_url: Optional[str] = None,
auth_url: Optional[str] = None,
user_claim_type: Optional[str] = None,
user_name: Optional[str] = None,
vdomparam: Optional[str] = None)
func NewSaml(ctx *Context, name string, args SamlArgs, opts ...ResourceOption) (*Saml, error)
public Saml(string name, SamlArgs args, CustomResourceOptions? opts = null)
type: fortios:user:Saml
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SamlArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SamlArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SamlArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SamlArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SamlArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var fortiosSamlResource = new Fortios.User.Saml("fortiosSamlResource", new()
{
EntityId = "string",
SingleSignOnUrl = "string",
IdpSingleSignOnUrl = "string",
IdpEntityId = "string",
IdpCert = "string",
IdpSingleLogoutUrl = "string",
LimitRelaystate = "string",
GroupName = "string",
DigestMethod = "string",
ClockTolerance = 0,
AdfsClaim = "string",
Cert = "string",
GroupClaimType = "string",
Name = "string",
Reauth = "string",
SingleLogoutUrl = "string",
AuthUrl = "string",
UserClaimType = "string",
UserName = "string",
Vdomparam = "string",
});
example, err := user.NewSaml(ctx, "fortiosSamlResource", &user.SamlArgs{
EntityId: pulumi.String("string"),
SingleSignOnUrl: pulumi.String("string"),
IdpSingleSignOnUrl: pulumi.String("string"),
IdpEntityId: pulumi.String("string"),
IdpCert: pulumi.String("string"),
IdpSingleLogoutUrl: pulumi.String("string"),
LimitRelaystate: pulumi.String("string"),
GroupName: pulumi.String("string"),
DigestMethod: pulumi.String("string"),
ClockTolerance: pulumi.Int(0),
AdfsClaim: pulumi.String("string"),
Cert: pulumi.String("string"),
GroupClaimType: pulumi.String("string"),
Name: pulumi.String("string"),
Reauth: pulumi.String("string"),
SingleLogoutUrl: pulumi.String("string"),
AuthUrl: pulumi.String("string"),
UserClaimType: pulumi.String("string"),
UserName: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
})
var fortiosSamlResource = new Saml("fortiosSamlResource", SamlArgs.builder()
.entityId("string")
.singleSignOnUrl("string")
.idpSingleSignOnUrl("string")
.idpEntityId("string")
.idpCert("string")
.idpSingleLogoutUrl("string")
.limitRelaystate("string")
.groupName("string")
.digestMethod("string")
.clockTolerance(0)
.adfsClaim("string")
.cert("string")
.groupClaimType("string")
.name("string")
.reauth("string")
.singleLogoutUrl("string")
.authUrl("string")
.userClaimType("string")
.userName("string")
.vdomparam("string")
.build());
fortios_saml_resource = fortios.user.Saml("fortiosSamlResource",
entity_id="string",
single_sign_on_url="string",
idp_single_sign_on_url="string",
idp_entity_id="string",
idp_cert="string",
idp_single_logout_url="string",
limit_relaystate="string",
group_name="string",
digest_method="string",
clock_tolerance=0,
adfs_claim="string",
cert="string",
group_claim_type="string",
name="string",
reauth="string",
single_logout_url="string",
auth_url="string",
user_claim_type="string",
user_name="string",
vdomparam="string")
const fortiosSamlResource = new fortios.user.Saml("fortiosSamlResource", {
entityId: "string",
singleSignOnUrl: "string",
idpSingleSignOnUrl: "string",
idpEntityId: "string",
idpCert: "string",
idpSingleLogoutUrl: "string",
limitRelaystate: "string",
groupName: "string",
digestMethod: "string",
clockTolerance: 0,
adfsClaim: "string",
cert: "string",
groupClaimType: "string",
name: "string",
reauth: "string",
singleLogoutUrl: "string",
authUrl: "string",
userClaimType: "string",
userName: "string",
vdomparam: "string",
});
type: fortios:user:Saml
properties:
adfsClaim: string
authUrl: string
cert: string
clockTolerance: 0
digestMethod: string
entityId: string
groupClaimType: string
groupName: string
idpCert: string
idpEntityId: string
idpSingleLogoutUrl: string
idpSingleSignOnUrl: string
limitRelaystate: string
name: string
reauth: string
singleLogoutUrl: string
singleSignOnUrl: string
userClaimType: string
userName: string
vdomparam: string
Saml Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Saml resource accepts the following input properties:
- Entity
Id string - SP entity ID.
- Idp
Cert string - IDP Certificate name.
- Idp
Entity stringId - IDP entity ID.
- Idp
Single stringSign On Url - IDP single sign-on URL.
- Single
Sign stringOn Url - SP single sign-on URL.
- Adfs
Claim string - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - Auth
Url string - URL to verify authentication.
- Cert string
- Certificate to sign SAML messages.
- Clock
Tolerance int - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- Digest
Method string - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - Group
Claim stringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - Group
Name string - Group name in assertion statement.
- Idp
Single stringLogout Url - IDP single logout url.
- Limit
Relaystate string - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - Name string
- SAML server entry name.
- Reauth string
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - Single
Logout stringUrl - SP single logout URL.
- User
Claim stringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - User
Name string - User name in assertion statement.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Entity
Id string - SP entity ID.
- Idp
Cert string - IDP Certificate name.
- Idp
Entity stringId - IDP entity ID.
- Idp
Single stringSign On Url - IDP single sign-on URL.
- Single
Sign stringOn Url - SP single sign-on URL.
- Adfs
Claim string - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - Auth
Url string - URL to verify authentication.
- Cert string
- Certificate to sign SAML messages.
- Clock
Tolerance int - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- Digest
Method string - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - Group
Claim stringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - Group
Name string - Group name in assertion statement.
- Idp
Single stringLogout Url - IDP single logout url.
- Limit
Relaystate string - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - Name string
- SAML server entry name.
- Reauth string
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - Single
Logout stringUrl - SP single logout URL.
- User
Claim stringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - User
Name string - User name in assertion statement.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- entity
Id String - SP entity ID.
- idp
Cert String - IDP Certificate name.
- idp
Entity StringId - IDP entity ID.
- idp
Single StringSign On Url - IDP single sign-on URL.
- single
Sign StringOn Url - SP single sign-on URL.
- adfs
Claim String - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth
Url String - URL to verify authentication.
- cert String
- Certificate to sign SAML messages.
- clock
Tolerance Integer - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest
Method String - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - group
Claim StringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group
Name String - Group name in assertion statement.
- idp
Single StringLogout Url - IDP single logout url.
- limit
Relaystate String - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name String
- SAML server entry name.
- reauth String
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single
Logout StringUrl - SP single logout URL.
- user
Claim StringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user
Name String - User name in assertion statement.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- entity
Id string - SP entity ID.
- idp
Cert string - IDP Certificate name.
- idp
Entity stringId - IDP entity ID.
- idp
Single stringSign On Url - IDP single sign-on URL.
- single
Sign stringOn Url - SP single sign-on URL.
- adfs
Claim string - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth
Url string - URL to verify authentication.
- cert string
- Certificate to sign SAML messages.
- clock
Tolerance number - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest
Method string - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - group
Claim stringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group
Name string - Group name in assertion statement.
- idp
Single stringLogout Url - IDP single logout url.
- limit
Relaystate string - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name string
- SAML server entry name.
- reauth string
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single
Logout stringUrl - SP single logout URL.
- user
Claim stringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user
Name string - User name in assertion statement.
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- entity_
id str - SP entity ID.
- idp_
cert str - IDP Certificate name.
- idp_
entity_ strid - IDP entity ID.
- idp_
single_ strsign_ on_ url - IDP single sign-on URL.
- single_
sign_ stron_ url - SP single sign-on URL.
- adfs_
claim str - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth_
url str - URL to verify authentication.
- cert str
- Certificate to sign SAML messages.
- clock_
tolerance int - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest_
method str - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - group_
claim_ strtype - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group_
name str - Group name in assertion statement.
- idp_
single_ strlogout_ url - IDP single logout url.
- limit_
relaystate str - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name str
- SAML server entry name.
- reauth str
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single_
logout_ strurl - SP single logout URL.
- user_
claim_ strtype - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user_
name str - User name in assertion statement.
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- entity
Id String - SP entity ID.
- idp
Cert String - IDP Certificate name.
- idp
Entity StringId - IDP entity ID.
- idp
Single StringSign On Url - IDP single sign-on URL.
- single
Sign StringOn Url - SP single sign-on URL.
- adfs
Claim String - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth
Url String - URL to verify authentication.
- cert String
- Certificate to sign SAML messages.
- clock
Tolerance Number - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest
Method String - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - group
Claim StringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group
Name String - Group name in assertion statement.
- idp
Single StringLogout Url - IDP single logout url.
- limit
Relaystate String - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name String
- SAML server entry name.
- reauth String
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single
Logout StringUrl - SP single logout URL.
- user
Claim StringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user
Name String - User name in assertion statement.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Outputs
All input properties are implicitly available as output properties. Additionally, the Saml resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Saml Resource
Get an existing Saml resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SamlState, opts?: CustomResourceOptions): Saml
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
adfs_claim: Optional[str] = None,
auth_url: Optional[str] = None,
cert: Optional[str] = None,
clock_tolerance: Optional[int] = None,
digest_method: Optional[str] = None,
entity_id: Optional[str] = None,
group_claim_type: Optional[str] = None,
group_name: Optional[str] = None,
idp_cert: Optional[str] = None,
idp_entity_id: Optional[str] = None,
idp_single_logout_url: Optional[str] = None,
idp_single_sign_on_url: Optional[str] = None,
limit_relaystate: Optional[str] = None,
name: Optional[str] = None,
reauth: Optional[str] = None,
single_logout_url: Optional[str] = None,
single_sign_on_url: Optional[str] = None,
user_claim_type: Optional[str] = None,
user_name: Optional[str] = None,
vdomparam: Optional[str] = None) -> Saml
func GetSaml(ctx *Context, name string, id IDInput, state *SamlState, opts ...ResourceOption) (*Saml, error)
public static Saml Get(string name, Input<string> id, SamlState? state, CustomResourceOptions? opts = null)
public static Saml get(String name, Output<String> id, SamlState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Adfs
Claim string - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - Auth
Url string - URL to verify authentication.
- Cert string
- Certificate to sign SAML messages.
- Clock
Tolerance int - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- Digest
Method string - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - Entity
Id string - SP entity ID.
- Group
Claim stringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - Group
Name string - Group name in assertion statement.
- Idp
Cert string - IDP Certificate name.
- Idp
Entity stringId - IDP entity ID.
- Idp
Single stringLogout Url - IDP single logout url.
- Idp
Single stringSign On Url - IDP single sign-on URL.
- Limit
Relaystate string - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - Name string
- SAML server entry name.
- Reauth string
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - Single
Logout stringUrl - SP single logout URL.
- Single
Sign stringOn Url - SP single sign-on URL.
- User
Claim stringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - User
Name string - User name in assertion statement.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Adfs
Claim string - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - Auth
Url string - URL to verify authentication.
- Cert string
- Certificate to sign SAML messages.
- Clock
Tolerance int - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- Digest
Method string - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - Entity
Id string - SP entity ID.
- Group
Claim stringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - Group
Name string - Group name in assertion statement.
- Idp
Cert string - IDP Certificate name.
- Idp
Entity stringId - IDP entity ID.
- Idp
Single stringLogout Url - IDP single logout url.
- Idp
Single stringSign On Url - IDP single sign-on URL.
- Limit
Relaystate string - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - Name string
- SAML server entry name.
- Reauth string
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - Single
Logout stringUrl - SP single logout URL.
- Single
Sign stringOn Url - SP single sign-on URL.
- User
Claim stringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - User
Name string - User name in assertion statement.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- adfs
Claim String - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth
Url String - URL to verify authentication.
- cert String
- Certificate to sign SAML messages.
- clock
Tolerance Integer - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest
Method String - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - entity
Id String - SP entity ID.
- group
Claim StringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group
Name String - Group name in assertion statement.
- idp
Cert String - IDP Certificate name.
- idp
Entity StringId - IDP entity ID.
- idp
Single StringLogout Url - IDP single logout url.
- idp
Single StringSign On Url - IDP single sign-on URL.
- limit
Relaystate String - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name String
- SAML server entry name.
- reauth String
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single
Logout StringUrl - SP single logout URL.
- single
Sign StringOn Url - SP single sign-on URL.
- user
Claim StringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user
Name String - User name in assertion statement.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- adfs
Claim string - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth
Url string - URL to verify authentication.
- cert string
- Certificate to sign SAML messages.
- clock
Tolerance number - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest
Method string - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - entity
Id string - SP entity ID.
- group
Claim stringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group
Name string - Group name in assertion statement.
- idp
Cert string - IDP Certificate name.
- idp
Entity stringId - IDP entity ID.
- idp
Single stringLogout Url - IDP single logout url.
- idp
Single stringSign On Url - IDP single sign-on URL.
- limit
Relaystate string - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name string
- SAML server entry name.
- reauth string
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single
Logout stringUrl - SP single logout URL.
- single
Sign stringOn Url - SP single sign-on URL.
- user
Claim stringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user
Name string - User name in assertion statement.
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- adfs_
claim str - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth_
url str - URL to verify authentication.
- cert str
- Certificate to sign SAML messages.
- clock_
tolerance int - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest_
method str - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - entity_
id str - SP entity ID.
- group_
claim_ strtype - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group_
name str - Group name in assertion statement.
- idp_
cert str - IDP Certificate name.
- idp_
entity_ strid - IDP entity ID.
- idp_
single_ strlogout_ url - IDP single logout url.
- idp_
single_ strsign_ on_ url - IDP single sign-on URL.
- limit_
relaystate str - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name str
- SAML server entry name.
- reauth str
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single_
logout_ strurl - SP single logout URL.
- single_
sign_ stron_ url - SP single sign-on URL.
- user_
claim_ strtype - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user_
name str - User name in assertion statement.
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- adfs
Claim String - Enable/disable ADFS Claim for user/group attribute in assertion statement (default = disable). Valid values:
enable
,disable
. - auth
Url String - URL to verify authentication.
- cert String
- Certificate to sign SAML messages.
- clock
Tolerance Number - Clock skew tolerance in seconds (0 - 300, default = 15, 0 = no tolerance).
- digest
Method String - Digest Method Algorithm. (default = sha1). Valid values:
sha1
,sha256
. - entity
Id String - SP entity ID.
- group
Claim StringType - Group claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - group
Name String - Group name in assertion statement.
- idp
Cert String - IDP Certificate name.
- idp
Entity StringId - IDP entity ID.
- idp
Single StringLogout Url - IDP single logout url.
- idp
Single StringSign On Url - IDP single sign-on URL.
- limit
Relaystate String - Enable/disable limiting of relay-state parameter when it exceeds SAML 2.0 specification limits (80 bytes). Valid values:
enable
,disable
. - name String
- SAML server entry name.
- reauth String
- Enable/disable signalling of IDP to force user re-authentication (default = disable). Valid values:
enable
,disable
. - single
Logout StringUrl - SP single logout URL.
- single
Sign StringOn Url - SP single sign-on URL.
- user
Claim StringType - User name claim in assertion statement. Valid values:
email
,given-name
,name
,upn
,common-name
,email-adfs-1x
,group
,upn-adfs-1x
,role
,sur-name
,ppid
,name-identifier
,authentication-method
,deny-only-group-sid
,deny-only-primary-sid
,deny-only-primary-group-sid
,group-sid
,primary-group-sid
,primary-sid
,windows-account-name
. - user
Name String - User name in assertion statement.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Import
User Saml can be imported using any of these accepted formats:
$ pulumi import fortios:user/saml:Saml labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:user/saml:Saml labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.