@pulumi/sumologic
Version:
A Pulumi package for creating and managing sumologic cloud resources.
304 lines (303 loc) • 12.6 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "./types/input";
import * as outputs from "./types/output";
/**
* Provides a [Sumologic SAML Configuration](https://help.sumologic.com/Manage/Security/SAML/01-Set-Up-SAML-for-Single-Sign-On).
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as sumologic from "@pulumi/sumologic";
*
* const exampleSamlConfiguration = new sumologic.SamlConfiguration("exampleSamlConfiguration", {
* spInitiatedLoginPath: "",
* configurationName: "SumoLogic",
* issuer: "http://www.okta.com/abxcseyuiwelflkdjh",
* spInitiatedLoginEnabled: false,
* authnRequestUrl: "",
* x509cert1: "string",
* x509cert2: "",
* x509cert3: "",
* onDemandProvisioningEnabled: {
* firstNameAttribute: "firstName",
* lastNameAttribute: "lastName",
* onDemandProvisioningRoles: ["Administrator"],
* },
* rolesAttribute: "Administrator",
* logoutEnabled: false,
* logoutUrl: "",
* emailAttribute: "",
* debugMode: false,
* signAuthnRequest: false,
* disableRequestedAuthnContext: false,
* isRedirectBinding: false,
* });
* ```
*
* ## Attributes reference
*
* The following attributes are exported:
*
* - `id` - Unique identifier for the SAML Configuration.
* - `certificate` - Authentication Request Signing Certificate for the user.
* - `assertionConsumerUrl` - The URL on Sumo Logic where the IdP will redirect to with its authentication response.
* - `entityId` - A unique identifier that is the intended audience of the SAML assertion.
*
* ## Import
*
* SAML Configuration can be imported using the SAML configuration id, e.g.:
*
* hcl
*
* ```sh
* $ pulumi import sumologic:index/samlConfiguration:SamlConfiguration example 00000000454A5979
* ```
*
* [1]: https://help.sumologic.com/Manage/Security/SAML/01-Set-Up-SAML-for-Single-Sign-On
*/
export declare class SamlConfiguration extends pulumi.CustomResource {
/**
* Get an existing SamlConfiguration resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SamlConfigurationState, opts?: pulumi.CustomResourceOptions): SamlConfiguration;
/**
* Returns true if the given object is an instance of SamlConfiguration. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is SamlConfiguration;
readonly assertionConsumerUrl: pulumi.Output<string>;
/**
* The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "".
*/
readonly authnRequestUrl: pulumi.Output<string | undefined>;
readonly certificate: pulumi.Output<string>;
/**
* Name of the SSO policy or another name used to describe the policy internally.
*/
readonly configurationName: pulumi.Output<string>;
/**
* True if additional details are included when a user fails to sign in. Defaults to false.
*/
readonly debugMode: pulumi.Output<boolean | undefined>;
/**
* True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false.
*/
readonly disableRequestedAuthnContext: pulumi.Output<boolean | undefined>;
/**
* The email address of the new user account. Defaults to "".
*/
readonly emailAttribute: pulumi.Output<string | undefined>;
readonly entityId: pulumi.Output<string>;
/**
* True if the SAML binding is of HTTP Redirect type. Defaults to false.
*/
readonly isRedirectBinding: pulumi.Output<boolean | undefined>;
/**
* The unique URL assigned to the organization by the SAML Identity Provider.
*/
readonly issuer: pulumi.Output<string>;
/**
* True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false.
*/
readonly logoutEnabled: pulumi.Output<boolean | undefined>;
/**
* The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "".
*/
readonly logoutUrl: pulumi.Output<string | undefined>;
/**
* The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details.
*/
readonly onDemandProvisioningEnabled: pulumi.Output<outputs.SamlConfigurationOnDemandProvisioningEnabled | undefined>;
/**
* The role that Sumo Logic will assign to users when they sign in. Defaults to "".
*/
readonly rolesAttribute: pulumi.Output<string | undefined>;
/**
* True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false.
*/
readonly signAuthnRequest: pulumi.Output<boolean | undefined>;
/**
* True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false.
*/
readonly spInitiatedLoginEnabled: pulumi.Output<boolean | undefined>;
/**
* The identifier used to generate a unique URL for user login. Defaults to "".
*/
readonly spInitiatedLoginPath: pulumi.Output<string | undefined>;
/**
* The certificate is used to verify the signature in SAML assertions.
*/
readonly x509cert1: pulumi.Output<string>;
/**
* The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "".
*/
readonly x509cert2: pulumi.Output<string | undefined>;
/**
* The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "".
*/
readonly x509cert3: pulumi.Output<string | undefined>;
/**
* Create a SamlConfiguration resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: SamlConfigurationArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering SamlConfiguration resources.
*/
export interface SamlConfigurationState {
assertionConsumerUrl?: pulumi.Input<string>;
/**
* The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "".
*/
authnRequestUrl?: pulumi.Input<string>;
certificate?: pulumi.Input<string>;
/**
* Name of the SSO policy or another name used to describe the policy internally.
*/
configurationName?: pulumi.Input<string>;
/**
* True if additional details are included when a user fails to sign in. Defaults to false.
*/
debugMode?: pulumi.Input<boolean>;
/**
* True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false.
*/
disableRequestedAuthnContext?: pulumi.Input<boolean>;
/**
* The email address of the new user account. Defaults to "".
*/
emailAttribute?: pulumi.Input<string>;
entityId?: pulumi.Input<string>;
/**
* True if the SAML binding is of HTTP Redirect type. Defaults to false.
*/
isRedirectBinding?: pulumi.Input<boolean>;
/**
* The unique URL assigned to the organization by the SAML Identity Provider.
*/
issuer?: pulumi.Input<string>;
/**
* True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false.
*/
logoutEnabled?: pulumi.Input<boolean>;
/**
* The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "".
*/
logoutUrl?: pulumi.Input<string>;
/**
* The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details.
*/
onDemandProvisioningEnabled?: pulumi.Input<inputs.SamlConfigurationOnDemandProvisioningEnabled>;
/**
* The role that Sumo Logic will assign to users when they sign in. Defaults to "".
*/
rolesAttribute?: pulumi.Input<string>;
/**
* True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false.
*/
signAuthnRequest?: pulumi.Input<boolean>;
/**
* True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false.
*/
spInitiatedLoginEnabled?: pulumi.Input<boolean>;
/**
* The identifier used to generate a unique URL for user login. Defaults to "".
*/
spInitiatedLoginPath?: pulumi.Input<string>;
/**
* The certificate is used to verify the signature in SAML assertions.
*/
x509cert1?: pulumi.Input<string>;
/**
* The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "".
*/
x509cert2?: pulumi.Input<string>;
/**
* The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "".
*/
x509cert3?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a SamlConfiguration resource.
*/
export interface SamlConfigurationArgs {
/**
* The URL that the identity provider has assigned for Sumo Logic to submit SAML authentication requests to the identity provider. Defaults to "".
*/
authnRequestUrl?: pulumi.Input<string>;
/**
* Name of the SSO policy or another name used to describe the policy internally.
*/
configurationName: pulumi.Input<string>;
/**
* True if additional details are included when a user fails to sign in. Defaults to false.
*/
debugMode?: pulumi.Input<boolean>;
/**
* True if Sumo Logic will include the RequestedAuthnContext element of the SAML AuthnRequests it sends to the identity provider. Defaults to false.
*/
disableRequestedAuthnContext?: pulumi.Input<boolean>;
/**
* The email address of the new user account. Defaults to "".
*/
emailAttribute?: pulumi.Input<string>;
/**
* True if the SAML binding is of HTTP Redirect type. Defaults to false.
*/
isRedirectBinding?: pulumi.Input<boolean>;
/**
* The unique URL assigned to the organization by the SAML Identity Provider.
*/
issuer: pulumi.Input<string>;
/**
* True if users are redirected to a URL after signing out of Sumo Logic. Defaults to false.
*/
logoutEnabled?: pulumi.Input<boolean>;
/**
* The URL that users will be redirected to after signing out of Sumo Logic. Defaults to "".
*/
logoutUrl?: pulumi.Input<string>;
/**
* The configuration for on-demand provisioning. See onDemandProvisioningEnabled schema for details.
*/
onDemandProvisioningEnabled?: pulumi.Input<inputs.SamlConfigurationOnDemandProvisioningEnabled>;
/**
* The role that Sumo Logic will assign to users when they sign in. Defaults to "".
*/
rolesAttribute?: pulumi.Input<string>;
/**
* True if Sumo Logic will send signed Authn requests to the identity provider. Defaults to false.
*/
signAuthnRequest?: pulumi.Input<boolean>;
/**
* True if Sumo Logic redirects users to your identity provider with a SAML AuthnRequest when signing in. Defaults to false.
*/
spInitiatedLoginEnabled?: pulumi.Input<boolean>;
/**
* The identifier used to generate a unique URL for user login. Defaults to "".
*/
spInitiatedLoginPath?: pulumi.Input<string>;
/**
* The certificate is used to verify the signature in SAML assertions.
*/
x509cert1: pulumi.Input<string>;
/**
* The backup certificate used to verify the signature in SAML assertions when x509cert1 expires. Defaults to "".
*/
x509cert2?: pulumi.Input<string>;
/**
* The backup certificate used to verify the signature in SAML assertions when x509cert1 expires and x509cert2 is empty. Defaults to "".
*/
x509cert3?: pulumi.Input<string>;
}