@pulumi/ise
Version:
A Pulumi package for managing resources on a Cisco ISE (Identity Service Engine) instance.. Based on terraform-provider-ise: version v0.2.1
547 lines (546 loc) • 16.1 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* This resource can manage an Active Directory Join Point.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as ise from "@pulumi/ise";
*
* const example = new ise.identitymanagement.ActiveDirectoryJoinPoint("example", {
* name: "cisco.local",
* description: "My AD join point",
* domain: "cisco.local",
* adScopesNames: "Default_Scope",
* enableDomainAllowedList: true,
* groups: [{
* name: "cisco.local/operators",
* sid: "S-1-5-32-548",
* type: "GLOBAL",
* }],
* attributes: [{
* name: "Attribute_1",
* type: "STRING",
* internalName: "internal_name",
* defaultValue: "default_string",
* }],
* rewriteRules: [{
* rowId: "0",
* rewriteMatch: "rewrite_match",
* rewriteResult: "rewrite_result",
* }],
* enableRewrites: false,
* enablePassChange: true,
* enableMachineAuth: true,
* enableMachineAccess: true,
* enableDialinPermissionCheck: false,
* plaintextAuth: false,
* agingTime: 5,
* enableCallbackForDialinClient: false,
* identityNotInAdBehaviour: "SEARCH_JOINED_FOREST",
* unreachableDomainsBehaviour: "PROCEED",
* schema: "ACTIVE_DIRECTORY",
* firstName: "givenName",
* department: "department",
* lastName: "sn",
* organizationalUnit: "company",
* jobTitle: "title",
* locality: "l",
* email: "mail",
* stateOrProvince: "st",
* telephone: "telephoneNumber",
* country: "co",
* streetAddress: "streetAddress",
* enableFailedAuthProtection: false,
* failedAuthThreshold: 5,
* authProtectionType: "WIRELESS",
* });
* ```
*
* ## Import
*
* The `pulumi import` command can be used, for example:
*
* ```sh
* $ pulumi import ise:identitymanagement/activeDirectoryJoinPoint:ActiveDirectoryJoinPoint example "76d24097-41c4-4558-a4d0-a8c07ac08470"
* ```
*/
export declare class ActiveDirectoryJoinPoint extends pulumi.CustomResource {
/**
* Get an existing ActiveDirectoryJoinPoint resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ActiveDirectoryJoinPointState, opts?: pulumi.CustomResourceOptions): ActiveDirectoryJoinPoint;
/**
* Returns true if the given object is an instance of ActiveDirectoryJoinPoint. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is ActiveDirectoryJoinPoint;
/**
* String that contains the names of the scopes that the active directory belongs to. Names are separated by comma.
* - Default value: `Default_Scope`
*/
readonly adScopesNames: pulumi.Output<string>;
/**
* Aging Time
* - Default value: `5`
*/
readonly agingTime: pulumi.Output<number>;
/**
* List of AD attributes
*/
readonly attributes: pulumi.Output<outputs.identitymanagement.ActiveDirectoryJoinPointAttribute[] | undefined>;
/**
* Enable prevent AD account lockout for WIRELESS/WIRED/BOTH
* - Choices: `WIRELESS`, `WIRED`, `BOTH`
*/
readonly authProtectionType: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly country: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly department: pulumi.Output<string | undefined>;
/**
* Join point description
*/
readonly description: pulumi.Output<string | undefined>;
/**
* AD domain associated with the join point
*/
readonly domain: pulumi.Output<string>;
/**
* User info attribute
*/
readonly email: pulumi.Output<string | undefined>;
/**
* Enable Callback For Dial In Client
* - Default value: `false`
*/
readonly enableCallbackForDialinClient: pulumi.Output<boolean>;
/**
* Enable Dial In Permission Check
* - Default value: `false`
*/
readonly enableDialinPermissionCheck: pulumi.Output<boolean>;
/**
* - Default value: `true`
*/
readonly enableDomainAllowedList: pulumi.Output<boolean>;
/**
* Enable prevent AD account lockout due to too many bad password attempts
* - Default value: `false`
*/
readonly enableFailedAuthProtection: pulumi.Output<boolean>;
/**
* Enable Machine Access
* - Default value: `true`
*/
readonly enableMachineAccess: pulumi.Output<boolean>;
/**
* Enable Machine Authentication
* - Default value: `true`
*/
readonly enableMachineAuth: pulumi.Output<boolean>;
/**
* Enable Password Change
* - Default value: `true`
*/
readonly enablePassChange: pulumi.Output<boolean>;
/**
* Enable Rewrites
* - Default value: `false`
*/
readonly enableRewrites: pulumi.Output<boolean>;
/**
* Number of bad password attempts
* - Default value: `5`
*/
readonly failedAuthThreshold: pulumi.Output<number>;
/**
* User info attribute
*/
readonly firstName: pulumi.Output<string | undefined>;
/**
* List of AD Groups
*/
readonly groups: pulumi.Output<outputs.identitymanagement.ActiveDirectoryJoinPointGroup[] | undefined>;
/**
* Identity Not In AD Behaviour
* - Choices: `REJECT`, `SEARCH_JOINED_FOREST`, `SEARCH_ALL`
*/
readonly identityNotInAdBehaviour: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly jobTitle: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly lastName: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly locality: pulumi.Output<string | undefined>;
/**
* The name of the active directory join point
*/
readonly name: pulumi.Output<string>;
/**
* User info attribute
*/
readonly organizationalUnit: pulumi.Output<string | undefined>;
/**
* Plain Text Authentication
* - Default value: `false`
*/
readonly plaintextAuth: pulumi.Output<boolean>;
/**
* List of Rewrite rules
*/
readonly rewriteRules: pulumi.Output<outputs.identitymanagement.ActiveDirectoryJoinPointRewriteRule[] | undefined>;
/**
* Schema
* - Choices: `ACTIVE_DIRECTORY`, `CUSTOM`
*/
readonly schema: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly stateOrProvince: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly streetAddress: pulumi.Output<string | undefined>;
/**
* User info attribute
*/
readonly telephone: pulumi.Output<string | undefined>;
/**
* Unreachable Domains Behaviour
* - Choices: `PROCEED`, `DROP`
*/
readonly unreachableDomainsBehaviour: pulumi.Output<string | undefined>;
/**
* Create a ActiveDirectoryJoinPoint resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ActiveDirectoryJoinPointArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering ActiveDirectoryJoinPoint resources.
*/
export interface ActiveDirectoryJoinPointState {
/**
* String that contains the names of the scopes that the active directory belongs to. Names are separated by comma.
* - Default value: `Default_Scope`
*/
adScopesNames?: pulumi.Input<string>;
/**
* Aging Time
* - Default value: `5`
*/
agingTime?: pulumi.Input<number>;
/**
* List of AD attributes
*/
attributes?: pulumi.Input<pulumi.Input<inputs.identitymanagement.ActiveDirectoryJoinPointAttribute>[]>;
/**
* Enable prevent AD account lockout for WIRELESS/WIRED/BOTH
* - Choices: `WIRELESS`, `WIRED`, `BOTH`
*/
authProtectionType?: pulumi.Input<string>;
/**
* User info attribute
*/
country?: pulumi.Input<string>;
/**
* User info attribute
*/
department?: pulumi.Input<string>;
/**
* Join point description
*/
description?: pulumi.Input<string>;
/**
* AD domain associated with the join point
*/
domain?: pulumi.Input<string>;
/**
* User info attribute
*/
email?: pulumi.Input<string>;
/**
* Enable Callback For Dial In Client
* - Default value: `false`
*/
enableCallbackForDialinClient?: pulumi.Input<boolean>;
/**
* Enable Dial In Permission Check
* - Default value: `false`
*/
enableDialinPermissionCheck?: pulumi.Input<boolean>;
/**
* - Default value: `true`
*/
enableDomainAllowedList?: pulumi.Input<boolean>;
/**
* Enable prevent AD account lockout due to too many bad password attempts
* - Default value: `false`
*/
enableFailedAuthProtection?: pulumi.Input<boolean>;
/**
* Enable Machine Access
* - Default value: `true`
*/
enableMachineAccess?: pulumi.Input<boolean>;
/**
* Enable Machine Authentication
* - Default value: `true`
*/
enableMachineAuth?: pulumi.Input<boolean>;
/**
* Enable Password Change
* - Default value: `true`
*/
enablePassChange?: pulumi.Input<boolean>;
/**
* Enable Rewrites
* - Default value: `false`
*/
enableRewrites?: pulumi.Input<boolean>;
/**
* Number of bad password attempts
* - Default value: `5`
*/
failedAuthThreshold?: pulumi.Input<number>;
/**
* User info attribute
*/
firstName?: pulumi.Input<string>;
/**
* List of AD Groups
*/
groups?: pulumi.Input<pulumi.Input<inputs.identitymanagement.ActiveDirectoryJoinPointGroup>[]>;
/**
* Identity Not In AD Behaviour
* - Choices: `REJECT`, `SEARCH_JOINED_FOREST`, `SEARCH_ALL`
*/
identityNotInAdBehaviour?: pulumi.Input<string>;
/**
* User info attribute
*/
jobTitle?: pulumi.Input<string>;
/**
* User info attribute
*/
lastName?: pulumi.Input<string>;
/**
* User info attribute
*/
locality?: pulumi.Input<string>;
/**
* The name of the active directory join point
*/
name?: pulumi.Input<string>;
/**
* User info attribute
*/
organizationalUnit?: pulumi.Input<string>;
/**
* Plain Text Authentication
* - Default value: `false`
*/
plaintextAuth?: pulumi.Input<boolean>;
/**
* List of Rewrite rules
*/
rewriteRules?: pulumi.Input<pulumi.Input<inputs.identitymanagement.ActiveDirectoryJoinPointRewriteRule>[]>;
/**
* Schema
* - Choices: `ACTIVE_DIRECTORY`, `CUSTOM`
*/
schema?: pulumi.Input<string>;
/**
* User info attribute
*/
stateOrProvince?: pulumi.Input<string>;
/**
* User info attribute
*/
streetAddress?: pulumi.Input<string>;
/**
* User info attribute
*/
telephone?: pulumi.Input<string>;
/**
* Unreachable Domains Behaviour
* - Choices: `PROCEED`, `DROP`
*/
unreachableDomainsBehaviour?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a ActiveDirectoryJoinPoint resource.
*/
export interface ActiveDirectoryJoinPointArgs {
/**
* String that contains the names of the scopes that the active directory belongs to. Names are separated by comma.
* - Default value: `Default_Scope`
*/
adScopesNames?: pulumi.Input<string>;
/**
* Aging Time
* - Default value: `5`
*/
agingTime?: pulumi.Input<number>;
/**
* List of AD attributes
*/
attributes?: pulumi.Input<pulumi.Input<inputs.identitymanagement.ActiveDirectoryJoinPointAttribute>[]>;
/**
* Enable prevent AD account lockout for WIRELESS/WIRED/BOTH
* - Choices: `WIRELESS`, `WIRED`, `BOTH`
*/
authProtectionType?: pulumi.Input<string>;
/**
* User info attribute
*/
country?: pulumi.Input<string>;
/**
* User info attribute
*/
department?: pulumi.Input<string>;
/**
* Join point description
*/
description?: pulumi.Input<string>;
/**
* AD domain associated with the join point
*/
domain: pulumi.Input<string>;
/**
* User info attribute
*/
email?: pulumi.Input<string>;
/**
* Enable Callback For Dial In Client
* - Default value: `false`
*/
enableCallbackForDialinClient?: pulumi.Input<boolean>;
/**
* Enable Dial In Permission Check
* - Default value: `false`
*/
enableDialinPermissionCheck?: pulumi.Input<boolean>;
/**
* - Default value: `true`
*/
enableDomainAllowedList?: pulumi.Input<boolean>;
/**
* Enable prevent AD account lockout due to too many bad password attempts
* - Default value: `false`
*/
enableFailedAuthProtection?: pulumi.Input<boolean>;
/**
* Enable Machine Access
* - Default value: `true`
*/
enableMachineAccess?: pulumi.Input<boolean>;
/**
* Enable Machine Authentication
* - Default value: `true`
*/
enableMachineAuth?: pulumi.Input<boolean>;
/**
* Enable Password Change
* - Default value: `true`
*/
enablePassChange?: pulumi.Input<boolean>;
/**
* Enable Rewrites
* - Default value: `false`
*/
enableRewrites?: pulumi.Input<boolean>;
/**
* Number of bad password attempts
* - Default value: `5`
*/
failedAuthThreshold?: pulumi.Input<number>;
/**
* User info attribute
*/
firstName?: pulumi.Input<string>;
/**
* List of AD Groups
*/
groups?: pulumi.Input<pulumi.Input<inputs.identitymanagement.ActiveDirectoryJoinPointGroup>[]>;
/**
* Identity Not In AD Behaviour
* - Choices: `REJECT`, `SEARCH_JOINED_FOREST`, `SEARCH_ALL`
*/
identityNotInAdBehaviour?: pulumi.Input<string>;
/**
* User info attribute
*/
jobTitle?: pulumi.Input<string>;
/**
* User info attribute
*/
lastName?: pulumi.Input<string>;
/**
* User info attribute
*/
locality?: pulumi.Input<string>;
/**
* The name of the active directory join point
*/
name?: pulumi.Input<string>;
/**
* User info attribute
*/
organizationalUnit?: pulumi.Input<string>;
/**
* Plain Text Authentication
* - Default value: `false`
*/
plaintextAuth?: pulumi.Input<boolean>;
/**
* List of Rewrite rules
*/
rewriteRules?: pulumi.Input<pulumi.Input<inputs.identitymanagement.ActiveDirectoryJoinPointRewriteRule>[]>;
/**
* Schema
* - Choices: `ACTIVE_DIRECTORY`, `CUSTOM`
*/
schema?: pulumi.Input<string>;
/**
* User info attribute
*/
stateOrProvince?: pulumi.Input<string>;
/**
* User info attribute
*/
streetAddress?: pulumi.Input<string>;
/**
* User info attribute
*/
telephone?: pulumi.Input<string>;
/**
* Unreachable Domains Behaviour
* - Choices: `PROCEED`, `DROP`
*/
unreachableDomainsBehaviour?: pulumi.Input<string>;
}