UNPKG

pulumi-fusionauth

Version:

A Pulumi package for managing FusionAuth instances.

github.com/theogravity/pulumi-fusionauth

theogravity/pulumi-fusionauth

151 lines (150 loc) 7.76 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * ## # API Key * * The FusionAuth APIs are primarily secured using API keys. This API can only be accessed using an API key that is set as a keyManager. In order to retrieve, update or delete an API key, an API key with equal or greater permissions must be used. A "tenant-scoped" API key can retrieve, create, update or delete an API key for the same tenant. This page describes APIs that are used to manage API keys. * * [API Key](https://fusionauth.io/docs/v1/tech/apis/api-keys/) * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as fusionauth from "pulumi-fusionauth"; * * const example = new fusionauth.FusionAuthApiKey("example", { * description: "my super secret key", * key: "super-secret-key", * permissionsEndpoints: [{ * "delete": true, * endpoint: "/api/application", * get: true, * patch: true, * post: true, * put: true, * }], * tenantId: "94f751c5-4883-4684-a817-6b106778edec", * }); * ``` */ export declare class FusionAuthApiKey extends pulumi.CustomResource { /** * Get an existing FusionAuthApiKey resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FusionAuthApiKeyState, opts?: pulumi.CustomResourceOptions): FusionAuthApiKey; /** * Returns true if the given object is an instance of FusionAuthApiKey. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is FusionAuthApiKey; /** * Description of the key. */ readonly description: pulumi.Output<string | undefined>; /** * The expiration instant of this API key. Using an expired API key for API Authentication will result in a 401 response code. */ readonly expirationInstant: pulumi.Output<number | undefined>; /** * The Id of the IP Access Control List limiting access to this API key. */ readonly ipAccessControlListId: pulumi.Output<string | undefined>; /** * API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess. */ readonly key: pulumi.Output<string>; /** * The Id to use for the new Form. If not specified a secure random UUID will be generated. */ readonly keyId: pulumi.Output<string | undefined>; /** * Endpoint permissions for this key. Each key of the object is an endpoint, with the value being an array of the HTTP methods which can be used against the endpoint. An Empty permissionsEndpoints object mean that this is a super key that authorizes this key for all the endpoints. */ readonly permissionsEndpoints: pulumi.Output<outputs.FusionAuthApiKeyPermissionsEndpoint[] | undefined>; /** * The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created. */ readonly tenantId: pulumi.Output<string | undefined>; /** * Create a FusionAuthApiKey resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: FusionAuthApiKeyArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering FusionAuthApiKey resources. */ export interface FusionAuthApiKeyState { /** * Description of the key. */ description?: pulumi.Input<string>; /** * The expiration instant of this API key. Using an expired API key for API Authentication will result in a 401 response code. */ expirationInstant?: pulumi.Input<number>; /** * The Id of the IP Access Control List limiting access to this API key. */ ipAccessControlListId?: pulumi.Input<string>; /** * API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess. */ key?: pulumi.Input<string>; /** * The Id to use for the new Form. If not specified a secure random UUID will be generated. */ keyId?: pulumi.Input<string>; /** * Endpoint permissions for this key. Each key of the object is an endpoint, with the value being an array of the HTTP methods which can be used against the endpoint. An Empty permissionsEndpoints object mean that this is a super key that authorizes this key for all the endpoints. */ permissionsEndpoints?: pulumi.Input<pulumi.Input<inputs.FusionAuthApiKeyPermissionsEndpoint>[]>; /** * The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created. */ tenantId?: pulumi.Input<string>; } /** * The set of arguments for constructing a FusionAuthApiKey resource. */ export interface FusionAuthApiKeyArgs { /** * Description of the key. */ description?: pulumi.Input<string>; /** * The expiration instant of this API key. Using an expired API key for API Authentication will result in a 401 response code. */ expirationInstant?: pulumi.Input<number>; /** * The Id of the IP Access Control List limiting access to this API key. */ ipAccessControlListId?: pulumi.Input<string>; /** * API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess. */ key?: pulumi.Input<string>; /** * The Id to use for the new Form. If not specified a secure random UUID will be generated. */ keyId?: pulumi.Input<string>; /** * Endpoint permissions for this key. Each key of the object is an endpoint, with the value being an array of the HTTP methods which can be used against the endpoint. An Empty permissionsEndpoints object mean that this is a super key that authorizes this key for all the endpoints. */ permissionsEndpoints?: pulumi.Input<pulumi.Input<inputs.FusionAuthApiKeyPermissionsEndpoint>[]>; /** * The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created. */ tenantId?: pulumi.Input<string>; }