UNPKG

@osmit-gmbh/pulumi-authentik

Version:

A Pulumi package for creating and managing authentik cloud resources.

226 lines (225 loc) 10.4 kB
import * as pulumi from "@pulumi/pulumi"; /** * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as authentik from "@osmit-gmbh/pulumi-authentik"; * import * as authentik from "@pulumi/authentik"; * * // Create a SAML Source * const default-source-pre-authentication = authentik.getFlow({ * slug: "default-source-pre-authentication", * }); * const default-source-authentication = authentik.getFlow({ * slug: "default-source-authentication", * }); * const default-source-enrollment = authentik.getFlow({ * slug: "default-source-enrollment", * }); * const name = new authentik.SourceSaml("name", { * name: "test-source", * slug: "test-source", * authenticationFlow: default_source_authentication.then(default_source_authentication => default_source_authentication.id), * enrollmentFlow: default_source_enrollment.then(default_source_enrollment => default_source_enrollment.id), * preAuthenticationFlow: default_source_pre_authentication.then(default_source_pre_authentication => default_source_pre_authentication.id), * ssoUrl: "http://localhost", * }); * ``` */ export declare class SourceSaml extends pulumi.CustomResource { /** * Get an existing SourceSaml resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SourceSamlState, opts?: pulumi.CustomResourceOptions): SourceSaml; /** * Returns true if the given object is an instance of SourceSaml. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is SourceSaml; readonly allowIdpInitiated: pulumi.Output<boolean | undefined>; readonly authenticationFlow: pulumi.Output<string | undefined>; /** * Allowed values: - `REDIRECT` - `POST` - `POST_AUTO` */ readonly bindingType: pulumi.Output<string | undefined>; /** * Allowed values: - `http://www.w3.org/2000/09/xmldsig#sha1` - `http://www.w3.org/2001/04/xmlenc#sha256` - * `http://www.w3.org/2001/04/xmldsig-more#sha384` - `http://www.w3.org/2001/04/xmlenc#sha512` */ readonly digestAlgorithm: pulumi.Output<string | undefined>; readonly enabled: pulumi.Output<boolean | undefined>; readonly encryptionKp: pulumi.Output<string | undefined>; readonly enrollmentFlow: pulumi.Output<string | undefined>; /** * Allowed values: - `identifier` - `nameLink` - `nameDeny` */ readonly groupMatchingMode: pulumi.Output<string | undefined>; readonly issuer: pulumi.Output<string | undefined>; /** * SAML Metadata */ readonly metadata: pulumi.Output<string>; readonly name: pulumi.Output<string>; /** * Allowed values: - `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` */ readonly nameIdPolicy: pulumi.Output<string | undefined>; /** * Allowed values: - `all` - `any` */ readonly policyEngineMode: pulumi.Output<string | undefined>; readonly preAuthenticationFlow: pulumi.Output<string>; /** * Allowed values: - `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256` - * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512` - * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` */ readonly signatureAlgorithm: pulumi.Output<string | undefined>; readonly signingKp: pulumi.Output<string | undefined>; readonly sloUrl: pulumi.Output<string | undefined>; readonly slug: pulumi.Output<string>; readonly ssoUrl: pulumi.Output<string>; readonly temporaryUserDeleteAfter: pulumi.Output<string | undefined>; /** * Allowed values: - `identifier` - `emailLink` - `emailDeny` - `usernameLink` - `usernameDeny` */ readonly userMatchingMode: pulumi.Output<string | undefined>; readonly userPathTemplate: pulumi.Output<string | undefined>; readonly uuid: pulumi.Output<string>; /** * Create a SourceSaml resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: SourceSamlArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering SourceSaml resources. */ export interface SourceSamlState { allowIdpInitiated?: pulumi.Input<boolean>; authenticationFlow?: pulumi.Input<string>; /** * Allowed values: - `REDIRECT` - `POST` - `POST_AUTO` */ bindingType?: pulumi.Input<string>; /** * Allowed values: - `http://www.w3.org/2000/09/xmldsig#sha1` - `http://www.w3.org/2001/04/xmlenc#sha256` - * `http://www.w3.org/2001/04/xmldsig-more#sha384` - `http://www.w3.org/2001/04/xmlenc#sha512` */ digestAlgorithm?: pulumi.Input<string>; enabled?: pulumi.Input<boolean>; encryptionKp?: pulumi.Input<string>; enrollmentFlow?: pulumi.Input<string>; /** * Allowed values: - `identifier` - `nameLink` - `nameDeny` */ groupMatchingMode?: pulumi.Input<string>; issuer?: pulumi.Input<string>; /** * SAML Metadata */ metadata?: pulumi.Input<string>; name?: pulumi.Input<string>; /** * Allowed values: - `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` */ nameIdPolicy?: pulumi.Input<string>; /** * Allowed values: - `all` - `any` */ policyEngineMode?: pulumi.Input<string>; preAuthenticationFlow?: pulumi.Input<string>; /** * Allowed values: - `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256` - * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512` - * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` */ signatureAlgorithm?: pulumi.Input<string>; signingKp?: pulumi.Input<string>; sloUrl?: pulumi.Input<string>; slug?: pulumi.Input<string>; ssoUrl?: pulumi.Input<string>; temporaryUserDeleteAfter?: pulumi.Input<string>; /** * Allowed values: - `identifier` - `emailLink` - `emailDeny` - `usernameLink` - `usernameDeny` */ userMatchingMode?: pulumi.Input<string>; userPathTemplate?: pulumi.Input<string>; uuid?: pulumi.Input<string>; } /** * The set of arguments for constructing a SourceSaml resource. */ export interface SourceSamlArgs { allowIdpInitiated?: pulumi.Input<boolean>; authenticationFlow?: pulumi.Input<string>; /** * Allowed values: - `REDIRECT` - `POST` - `POST_AUTO` */ bindingType?: pulumi.Input<string>; /** * Allowed values: - `http://www.w3.org/2000/09/xmldsig#sha1` - `http://www.w3.org/2001/04/xmlenc#sha256` - * `http://www.w3.org/2001/04/xmldsig-more#sha384` - `http://www.w3.org/2001/04/xmlenc#sha512` */ digestAlgorithm?: pulumi.Input<string>; enabled?: pulumi.Input<boolean>; encryptionKp?: pulumi.Input<string>; enrollmentFlow?: pulumi.Input<string>; /** * Allowed values: - `identifier` - `nameLink` - `nameDeny` */ groupMatchingMode?: pulumi.Input<string>; issuer?: pulumi.Input<string>; name?: pulumi.Input<string>; /** * Allowed values: - `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - `urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` */ nameIdPolicy?: pulumi.Input<string>; /** * Allowed values: - `all` - `any` */ policyEngineMode?: pulumi.Input<string>; preAuthenticationFlow: pulumi.Input<string>; /** * Allowed values: - `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256` - * `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384` - `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512` - * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` */ signatureAlgorithm?: pulumi.Input<string>; signingKp?: pulumi.Input<string>; sloUrl?: pulumi.Input<string>; slug: pulumi.Input<string>; ssoUrl: pulumi.Input<string>; temporaryUserDeleteAfter?: pulumi.Input<string>; /** * Allowed values: - `identifier` - `emailLink` - `emailDeny` - `usernameLink` - `usernameDeny` */ userMatchingMode?: pulumi.Input<string>; userPathTemplate?: pulumi.Input<string>; uuid?: pulumi.Input<string>; }