pulumi-fusionauth
Version:
A Pulumi package for managing FusionAuth instances.
560 lines • 22.7 kB
JavaScript
"use strict";
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.FusionAuthTenant = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("./utilities");
/**
* ## # Tenant Resource
*
* A FusionAuth Tenant is a named object that represents a discrete namespace for Users, Applications and Groups. A user is unique by email address or username within a tenant.
*
* Tenants may be useful to support a multi-tenant application where you wish to use a single instance of FusionAuth but require the ability to have duplicate users across the tenants in your own application. In this scenario a user may exist multiple times with the same email address and different passwords across tenants.
*
* Tenants may also be useful in a test or staging environment to allow multiple users to call APIs and create and modify users without possibility of collision.
*
* [Tenants API](https://fusionauth.io/docs/v1/tech/apis/tenants)
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as fusionauth from "pulumi-fusionauth";
*
* const example = new fusionauth.FusionAuthTenant("example", {
* connectorPolicies: [{
* connectorId: "b57b3d0f-f7a4-4831-a838-549717362ea8",
* domains: ["*"],
* migrate: false,
* }],
* emailConfiguration: {
* forgotPasswordEmailTemplateId: fusionauth_email.ForgotPassword_Example.id,
* host: "smtp.sendgrid.net",
* password: "password",
* passwordlessEmailTemplateId: fusionauth_email.PasswordlessLogin_Example.id,
* port: 587,
* security: "TLS",
* setPasswordEmailTemplateId: fusionauth_email.SetupPassword_Example.id,
* username: "username",
* verifyEmail: true,
* verifyEmailWhenChanged: true,
* additionalHeaders: {
* HeaderName1: "HeaderValue1",
* HeaderName2: "HeaderValue2",
* },
* },
* eventConfigurations: [
* {
* enabled: false,
* event: "jwt.public-key.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "jwt.refresh-token.revoke",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "jwt.refresh",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.create",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.create.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.delete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.delete.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.member.add",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.member.add.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.member.remove",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.member.remove.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.member.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.member.update.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "group.update.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.action",
* transactionType: "None",
* },
* {
* event: "user.bulk.create",
* enabled: false,
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.create",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.create.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.deactivate",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.delete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.delete.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.email.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.email.verified",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.identity-provider.link",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.identity-provider.unlink",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.loginId.duplicate.create",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.loginId.duplicate.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.login.failed",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.login.new-device",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.login.success",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.login.suspicious",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.password.breach",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.password.reset.send",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.password.reset.start",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.password.reset.success",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.password.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.reactivate",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.registration.create",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.registration.create.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.registration.delete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.registration.delete.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.registration.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.registration.update.complete",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.registration.verified",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.two-factor.method.add",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.two-factor.method.remove",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.update",
* transactionType: "None",
* },
* {
* enabled: false,
* event: "user.update.complete",
* transactionType: "None",
* },
* ],
* externalIdentifierConfiguration: {
* authorizationGrantIdTimeToLiveInSeconds: 30,
* changePasswordIdGenerator: {
* length: 32,
* type: "randomBytes",
* },
* changePasswordIdTimeToLiveInSeconds: 600,
* deviceCodeTimeToLiveInSeconds: 1800,
* deviceUserCodeIdGenerator: {
* length: 6,
* type: "randomAlphaNumeric",
* },
* emailVerificationIdGenerator: {
* length: 32,
* type: "randomBytes",
* },
* emailVerificationIdTimeToLiveInSeconds: 86400,
* emailVerificationOneTimeCodeGenerator: {
* length: 6,
* type: "randomAlphaNumeric",
* },
* externalAuthenticationIdTimeToLiveInSeconds: 300,
* loginIntentTimeToLiveInSeconds: 1800,
* oneTimePasswordTimeToLiveInSeconds: 60,
* passwordlessLoginGenerator: {
* length: 32,
* type: "randomBytes",
* },
* passwordlessLoginTimeToLiveInSeconds: 600,
* registrationVerificationIdGenerator: {
* length: 32,
* type: "randomBytes",
* },
* registrationVerificationIdTimeToLiveInSeconds: 86400,
* registrationVerificationOneTimeCodeGenerator: {
* length: 6,
* type: "randomAlphaNumeric",
* },
* samlV2AuthnRequestIdTtlSeconds: 300,
* setupPasswordIdGenerator: {
* length: 32,
* type: "randomBytes",
* },
* setupPasswordIdTimeToLiveInSeconds: 86400,
* twoFactorIdTimeToLiveInSeconds: 300,
* twoFactorOneTimeCodeIdGenerator: {
* length: 6,
* type: "randomDigits",
* },
* twoFactorOneTimeCodeIdTimeToLiveInSeconds: 60,
* twoFactorTrustIdTimeToLiveInSeconds: 2592000,
* },
* failedAuthenticationConfiguration: {
* actionDuration: 3,
* actionDurationUnit: "MINUTES",
* resetCountInSeconds: 60,
* tooManyAttempts: 5,
* },
* familyConfiguration: {
* allowChildRegistrations: true,
* deleteOrphanedAccounts: false,
* deleteOrphanedAccountsDays: 30,
* enabled: true,
* maximumChildAge: 12,
* minimumOwnerAge: 21,
* parentEmailRequired: false,
* },
* formConfiguration: {
* adminUserFormId: "e92751a5-25f4-4bca-ad91-66cdf67725d2",
* },
* httpSessionMaxInactiveInterval: 3600,
* issuer: "https://example.com",
* jwtConfigurations: [{
* accessTokenKeyId: fusionauth_key.accesstoken.id,
* idTokenKeyId: fusionauth_key.idtoken.id,
* refreshTokenTimeToLiveInMinutes: 43200,
* timeToLiveInSeconds: 3600,
* }],
* loginConfiguration: {
* requireAuthentication: true,
* },
* maximumPasswordAge: {
* days: 180,
* enabled: false,
* },
* minimumPasswordAge: {
* enabled: false,
* seconds: 30,
* },
* oauthConfigurations: [{
* clientCredentialsAccessTokenPopulateLambdaId: fusionauth_lambda.client_jwt_populate.id,
* }],
* passwordEncryptionConfigurations: [{
* encryptionScheme: "salted-pbkdf2-hmac-sha256",
* encryptionSchemeFactor: 24000,
* modifyEncryptionSchemeOnLogin: false,
* }],
* passwordValidationRules: {
* maxLength: 256,
* minLength: 7,
* rememberPreviousPasswords: {
* count: 1,
* enabled: false,
* },
* requiredMixedCase: false,
* requireNonAlpha: false,
* requireNumber: false,
* validateOnLogin: false,
* },
* rateLimitConfiguration: {
* failedLogin: {
* enabled: true,
* limit: 5,
* timePeriodInSeconds: 60,
* },
* forgotPassword: {
* enabled: false,
* limit: 5,
* timePeriodInSeconds: 60,
* },
* sendEmailVerification: {
* enabled: false,
* limit: 5,
* timePeriodInSeconds: 60,
* },
* sendPasswordless: {
* enabled: false,
* limit: 5,
* timePeriodInSeconds: 60,
* },
* sendRegistrationVerification: {
* enabled: false,
* limit: 5,
* timePeriodInSeconds: 60,
* },
* sendTwoFactor: {
* enabled: false,
* limit: 5,
* timePeriodInSeconds: 60,
* },
* },
* registrationConfiguration: {
* blockedDomains: ["example.com"],
* },
* captchaConfiguration: {
* enabled: true,
* captchaMethod: "GoogleRecaptchaV3",
* siteKey: "captcha_site_key",
* secretKey: "captcha_secret_key",
* threshold: 0.5,
* },
* themeId: fusionauth_theme.example_theme.id,
* userDeletePolicy: {
* unverifiedEnabled: false,
* unverifiedNumberOfDaysToRetain: 30,
* },
* });
* ```
*/
class FusionAuthTenant extends pulumi.CustomResource {
/**
* Get an existing FusionAuthTenant resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new FusionAuthTenant(name, state, Object.assign(Object.assign({}, opts), { id: id }));
}
/**
* Returns true if the given object is an instance of FusionAuthTenant. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === FusionAuthTenant.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["accessControlConfiguration"] = state ? state.accessControlConfiguration : undefined;
resourceInputs["captchaConfiguration"] = state ? state.captchaConfiguration : undefined;
resourceInputs["connectorPolicies"] = state ? state.connectorPolicies : undefined;
resourceInputs["data"] = state ? state.data : undefined;
resourceInputs["emailConfiguration"] = state ? state.emailConfiguration : undefined;
resourceInputs["eventConfigurations"] = state ? state.eventConfigurations : undefined;
resourceInputs["externalIdentifierConfiguration"] = state ? state.externalIdentifierConfiguration : undefined;
resourceInputs["failedAuthenticationConfiguration"] = state ? state.failedAuthenticationConfiguration : undefined;
resourceInputs["familyConfiguration"] = state ? state.familyConfiguration : undefined;
resourceInputs["formConfiguration"] = state ? state.formConfiguration : undefined;
resourceInputs["httpSessionMaxInactiveInterval"] = state ? state.httpSessionMaxInactiveInterval : undefined;
resourceInputs["issuer"] = state ? state.issuer : undefined;
resourceInputs["jwtConfigurations"] = state ? state.jwtConfigurations : undefined;
resourceInputs["lambdaConfiguration"] = state ? state.lambdaConfiguration : undefined;
resourceInputs["loginConfiguration"] = state ? state.loginConfiguration : undefined;
resourceInputs["logoutUrl"] = state ? state.logoutUrl : undefined;
resourceInputs["maximumPasswordAge"] = state ? state.maximumPasswordAge : undefined;
resourceInputs["minimumPasswordAge"] = state ? state.minimumPasswordAge : undefined;
resourceInputs["multiFactorConfiguration"] = state ? state.multiFactorConfiguration : undefined;
resourceInputs["name"] = state ? state.name : undefined;
resourceInputs["oauthConfigurations"] = state ? state.oauthConfigurations : undefined;
resourceInputs["passwordEncryptionConfigurations"] = state ? state.passwordEncryptionConfigurations : undefined;
resourceInputs["passwordValidationRules"] = state ? state.passwordValidationRules : undefined;
resourceInputs["rateLimitConfiguration"] = state ? state.rateLimitConfiguration : undefined;
resourceInputs["registrationConfiguration"] = state ? state.registrationConfiguration : undefined;
resourceInputs["scimServerConfiguration"] = state ? state.scimServerConfiguration : undefined;
resourceInputs["sourceTenantId"] = state ? state.sourceTenantId : undefined;
resourceInputs["ssoConfiguration"] = state ? state.ssoConfiguration : undefined;
resourceInputs["tenantId"] = state ? state.tenantId : undefined;
resourceInputs["themeId"] = state ? state.themeId : undefined;
resourceInputs["userDeletePolicy"] = state ? state.userDeletePolicy : undefined;
resourceInputs["usernameConfiguration"] = state ? state.usernameConfiguration : undefined;
resourceInputs["webauthnConfiguration"] = state ? state.webauthnConfiguration : undefined;
resourceInputs["webhookIds"] = state ? state.webhookIds : undefined;
}
else {
const args = argsOrState;
resourceInputs["accessControlConfiguration"] = args ? args.accessControlConfiguration : undefined;
resourceInputs["captchaConfiguration"] = args ? args.captchaConfiguration : undefined;
resourceInputs["connectorPolicies"] = args ? args.connectorPolicies : undefined;
resourceInputs["data"] = args ? args.data : undefined;
resourceInputs["emailConfiguration"] = args ? args.emailConfiguration : undefined;
resourceInputs["eventConfigurations"] = args ? args.eventConfigurations : undefined;
resourceInputs["externalIdentifierConfiguration"] = args ? args.externalIdentifierConfiguration : undefined;
resourceInputs["failedAuthenticationConfiguration"] = args ? args.failedAuthenticationConfiguration : undefined;
resourceInputs["familyConfiguration"] = args ? args.familyConfiguration : undefined;
resourceInputs["formConfiguration"] = args ? args.formConfiguration : undefined;
resourceInputs["httpSessionMaxInactiveInterval"] = args ? args.httpSessionMaxInactiveInterval : undefined;
resourceInputs["issuer"] = args ? args.issuer : undefined;
resourceInputs["jwtConfigurations"] = args ? args.jwtConfigurations : undefined;
resourceInputs["lambdaConfiguration"] = args ? args.lambdaConfiguration : undefined;
resourceInputs["loginConfiguration"] = args ? args.loginConfiguration : undefined;
resourceInputs["logoutUrl"] = args ? args.logoutUrl : undefined;
resourceInputs["maximumPasswordAge"] = args ? args.maximumPasswordAge : undefined;
resourceInputs["minimumPasswordAge"] = args ? args.minimumPasswordAge : undefined;
resourceInputs["multiFactorConfiguration"] = args ? args.multiFactorConfiguration : undefined;
resourceInputs["name"] = args ? args.name : undefined;
resourceInputs["oauthConfigurations"] = args ? args.oauthConfigurations : undefined;
resourceInputs["passwordEncryptionConfigurations"] = args ? args.passwordEncryptionConfigurations : undefined;
resourceInputs["passwordValidationRules"] = args ? args.passwordValidationRules : undefined;
resourceInputs["rateLimitConfiguration"] = args ? args.rateLimitConfiguration : undefined;
resourceInputs["registrationConfiguration"] = args ? args.registrationConfiguration : undefined;
resourceInputs["scimServerConfiguration"] = args ? args.scimServerConfiguration : undefined;
resourceInputs["sourceTenantId"] = args ? args.sourceTenantId : undefined;
resourceInputs["ssoConfiguration"] = args ? args.ssoConfiguration : undefined;
resourceInputs["tenantId"] = args ? args.tenantId : undefined;
resourceInputs["themeId"] = args ? args.themeId : undefined;
resourceInputs["userDeletePolicy"] = args ? args.userDeletePolicy : undefined;
resourceInputs["usernameConfiguration"] = args ? args.usernameConfiguration : undefined;
resourceInputs["webauthnConfiguration"] = args ? args.webauthnConfiguration : undefined;
resourceInputs["webhookIds"] = args ? args.webhookIds : undefined;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(FusionAuthTenant.__pulumiType, name, resourceInputs, opts);
}
}
exports.FusionAuthTenant = FusionAuthTenant;
/** @internal */
FusionAuthTenant.__pulumiType = 'fusionauth:index/fusionAuthTenant:FusionAuthTenant';
//# sourceMappingURL=fusionAuthTenant.js.map