@pulumi/aws/verifiedpermissions/identitySource.js

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

"use strict";
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.IdentitySource = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
 * Resource for managing an AWS Verified Permissions Identity Source.
 *
 * ## Example Usage
 *
 * ### Cognito User Pool Configuration Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as aws from "@pulumi/aws";
 *
 * const example = new aws.verifiedpermissions.PolicyStore("example", {validationSettings: {
 *     mode: "STRICT",
 * }});
 * const exampleUserPool = new aws.cognito.UserPool("example", {name: "example"});
 * const exampleUserPoolClient = new aws.cognito.UserPoolClient("example", {
 *     name: "example",
 *     userPoolId: exampleUserPool.id,
 *     explicitAuthFlows: ["ADMIN_NO_SRP_AUTH"],
 * });
 * const exampleIdentitySource = new aws.verifiedpermissions.IdentitySource("example", {
 *     policyStoreId: example.id,
 *     configuration: {
 *         cognitoUserPoolConfiguration: {
 *             userPoolArn: exampleUserPool.arn,
 *             clientIds: [exampleUserPoolClient.id],
 *         },
 *     },
 * });
 * ```
 *
 * ### OpenID Connect Configuration Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as aws from "@pulumi/aws";
 *
 * const example = new aws.verifiedpermissions.PolicyStore("example", {validationSettings: {
 *     mode: "STRICT",
 * }});
 * const exampleIdentitySource = new aws.verifiedpermissions.IdentitySource("example", {
 *     policyStoreId: example.id,
 *     configuration: {
 *         openIdConnectConfiguration: {
 *             issuer: "https://auth.example.com",
 *             tokenSelection: {
 *                 accessTokenOnly: {
 *                     audiences: ["https://myapp.example.com"],
 *                     principalIdClaim: "sub",
 *                 },
 *             },
 *             entityIdPrefix: "MyOIDCProvider",
 *             groupConfiguration: {
 *                 groupClaim: "groups",
 *                 groupEntityType: "MyCorp::UserGroup",
 *             },
 *         },
 *     },
 *     principalEntityType: "MyCorp::User",
 * });
 * ```
 *
 * ## Import
 *
 * Using `pulumi import`, import Verified Permissions Identity Source using the `policy_store_id:identity_source_id`. For example:
 *
 * ```sh
 * $ pulumi import aws:verifiedpermissions/identitySource:IdentitySource example policy-store-id-12345678:identity-source-id-12345678
 * ```
 */
class IdentitySource extends pulumi.CustomResource {
    /**
     * Get an existing IdentitySource resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new IdentitySource(name, state, { ...opts, id: id });
    }
    /**
     * Returns true if the given object is an instance of IdentitySource.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === IdentitySource.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["configuration"] = state?.configuration;
            resourceInputs["policyStoreId"] = state?.policyStoreId;
            resourceInputs["principalEntityType"] = state?.principalEntityType;
            resourceInputs["region"] = state?.region;
        }
        else {
            const args = argsOrState;
            if (args?.policyStoreId === undefined && !opts.urn) {
                throw new Error("Missing required property 'policyStoreId'");
            }
            resourceInputs["configuration"] = args?.configuration;
            resourceInputs["policyStoreId"] = args?.policyStoreId;
            resourceInputs["principalEntityType"] = args?.principalEntityType;
            resourceInputs["region"] = args?.region;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        super(IdentitySource.__pulumiType, name, resourceInputs, opts);
    }
}
exports.IdentitySource = IdentitySource;
/** @internal */
IdentitySource.__pulumiType = 'aws:verifiedpermissions/identitySource:IdentitySource';
//# sourceMappingURL=identitySource.js.map