UNPKG

@pulumi/sumologic

Version:

A Pulumi package for creating and managing sumologic cloud resources.

304 lines (303 loc) 12.6 kB
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * Provides a [Sumologic SAML Configuration](https://help.sumologic.com/Manage/Security/SAML/01-Set-Up-SAML-for-Single-Sign-On). * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as sumologic from "@pulumi/sumologic"; * * const exampleSamlConfiguration = new sumologic.SamlConfiguration("exampleSamlConfiguration", { * spInitiatedLoginPath: "", * configurationName: "SumoLogic", * issuer: "http://www.okta.com/abxcseyuiwelflkdjh", * spInitiatedLoginEnabled: false, * authnRequestUrl: "", * x509cert1: "string", * x509cert2: "", * x509cert3: "", * onDemandProvisioningEnabled: { * firstNameAttribute: "firstName", * lastNameAttribute: "lastName", * onDemandProvisioningRoles: ["Administrator"], * }, * rolesAttribute: "Administrator", * logoutEnabled: false, * logoutUrl: "", * emailAttribute: "", * debugMode: false, * signAuthnRequest: false, * disableRequestedAuthnContext: false, * isRedirectBinding: false, * }); * ``` * * ## Attributes reference * * The following attributes are exported: * * - `id` - Unique identifier for the SAML Configuration. * - `certificate` - Authentication Request Signing Certificate for the user. * - `assertionConsumerUrl` - The URL on Sumo Logic where the IdP will redirect to with its authentication response. * - `entityId` - A unique identifier that is the intended audience of the SAML assertion. * * ## Import * * SAML Configuration can be imported using the SAML configuration id, e.g.: * * hcl * * ```sh * $ pulumi import sumologic:index/samlConfiguration:SamlConfiguration example 00000000454A5979 * ``` * * [1]: https://help.sumologic.com/Manage/Security/SAML/01-Set-Up-SAML-for-Single-Sign-On */ export declare class SamlConfiguration extends pulumi.CustomResource { /** * Get an existing SamlConfiguration resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SamlConfigurationState, opts?: pulumi.CustomResourceOptions): SamlConfiguration; /** * Returns true if the given object is an instance of SamlConfiguration. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is SamlConfiguration; readonly assertionConsumerUrl: pulumi.Output<string>; /** * The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "". */ readonly authnRequestUrl: pulumi.Output<string | undefined>; readonly certificate: pulumi.Output<string>; /** * Name of the SSO policy or another name used to describe the policy internally. */ readonly configurationName: pulumi.Output<string>; /** * True if additional details are included when a user fails to sign in. Defaults to false. */ readonly debugMode: pulumi.Output<boolean | undefined>; /** * True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false. */ readonly disableRequestedAuthnContext: pulumi.Output<boolean | undefined>; /** * The email address of the new user account. Defaults to "". */ readonly emailAttribute: pulumi.Output<string | undefined>; readonly entityId: pulumi.Output<string>; /** * True if the SAML binding is of HTTP Redirect type. Defaults to false. */ readonly isRedirectBinding: pulumi.Output<boolean | undefined>; /** * The unique URL assigned to the organization by the SAML Identity Provider. */ readonly issuer: pulumi.Output<string>; /** * True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false. */ readonly logoutEnabled: pulumi.Output<boolean | undefined>; /** * The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "". */ readonly logoutUrl: pulumi.Output<string | undefined>; /** * The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details. */ readonly onDemandProvisioningEnabled: pulumi.Output<outputs.SamlConfigurationOnDemandProvisioningEnabled | undefined>; /** * The role that Sumo Logic will assign to users when they sign in. Defaults to "". */ readonly rolesAttribute: pulumi.Output<string | undefined>; /** * True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false. */ readonly signAuthnRequest: pulumi.Output<boolean | undefined>; /** * True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false. */ readonly spInitiatedLoginEnabled: pulumi.Output<boolean | undefined>; /** * The identifier used to generate a unique URL for user login. Defaults to "". */ readonly spInitiatedLoginPath: pulumi.Output<string | undefined>; /** * The certificate is used to verify the signature in SAML assertions. */ readonly x509cert1: pulumi.Output<string>; /** * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "". */ readonly x509cert2: pulumi.Output<string | undefined>; /** * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "". */ readonly x509cert3: pulumi.Output<string | undefined>; /** * Create a SamlConfiguration resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: SamlConfigurationArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering SamlConfiguration resources. */ export interface SamlConfigurationState { assertionConsumerUrl?: pulumi.Input<string>; /** * The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "". */ authnRequestUrl?: pulumi.Input<string>; certificate?: pulumi.Input<string>; /** * Name of the SSO policy or another name used to describe the policy internally. */ configurationName?: pulumi.Input<string>; /** * True if additional details are included when a user fails to sign in. Defaults to false. */ debugMode?: pulumi.Input<boolean>; /** * True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false. */ disableRequestedAuthnContext?: pulumi.Input<boolean>; /** * The email address of the new user account. Defaults to "". */ emailAttribute?: pulumi.Input<string>; entityId?: pulumi.Input<string>; /** * True if the SAML binding is of HTTP Redirect type. Defaults to false. */ isRedirectBinding?: pulumi.Input<boolean>; /** * The unique URL assigned to the organization by the SAML Identity Provider. */ issuer?: pulumi.Input<string>; /** * True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false. */ logoutEnabled?: pulumi.Input<boolean>; /** * The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "". */ logoutUrl?: pulumi.Input<string>; /** * The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details. */ onDemandProvisioningEnabled?: pulumi.Input<inputs.SamlConfigurationOnDemandProvisioningEnabled>; /** * The role that Sumo Logic will assign to users when they sign in. Defaults to "". */ rolesAttribute?: pulumi.Input<string>; /** * True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false. */ signAuthnRequest?: pulumi.Input<boolean>; /** * True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false. */ spInitiatedLoginEnabled?: pulumi.Input<boolean>; /** * The identifier used to generate a unique URL for user login. Defaults to "". */ spInitiatedLoginPath?: pulumi.Input<string>; /** * The certificate is used to verify the signature in SAML assertions. */ x509cert1?: pulumi.Input<string>; /** * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "". */ x509cert2?: pulumi.Input<string>; /** * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "". */ x509cert3?: pulumi.Input<string>; } /** * The set of arguments for constructing a SamlConfiguration resource. */ export interface SamlConfigurationArgs { /** * The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "". */ authnRequestUrl?: pulumi.Input<string>; /** * Name of the SSO policy or another name used to describe the policy internally. */ configurationName: pulumi.Input<string>; /** * True if additional details are included when a user fails to sign in. Defaults to false. */ debugMode?: pulumi.Input<boolean>; /** * True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false. */ disableRequestedAuthnContext?: pulumi.Input<boolean>; /** * The email address of the new user account. Defaults to "". */ emailAttribute?: pulumi.Input<string>; /** * True if the SAML binding is of HTTP Redirect type. Defaults to false. */ isRedirectBinding?: pulumi.Input<boolean>; /** * The unique URL assigned to the organization by the SAML Identity Provider. */ issuer: pulumi.Input<string>; /** * True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false. */ logoutEnabled?: pulumi.Input<boolean>; /** * The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "". */ logoutUrl?: pulumi.Input<string>; /** * The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details. */ onDemandProvisioningEnabled?: pulumi.Input<inputs.SamlConfigurationOnDemandProvisioningEnabled>; /** * The role that Sumo Logic will assign to users when they sign in. Defaults to "". */ rolesAttribute?: pulumi.Input<string>; /** * True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false. */ signAuthnRequest?: pulumi.Input<boolean>; /** * True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false. */ spInitiatedLoginEnabled?: pulumi.Input<boolean>; /** * The identifier used to generate a unique URL for user login. Defaults to "". */ spInitiatedLoginPath?: pulumi.Input<string>; /** * The certificate is used to verify the signature in SAML assertions. */ x509cert1: pulumi.Input<string>; /** * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "". */ x509cert2?: pulumi.Input<string>; /** * The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "". */ x509cert3?: pulumi.Input<string>; }