UNPKG

pulumi-infisical

Version:

A Pulumi provider for managing Infisical secrets management platform, dynamically bridged from the Terraform Infisical provider with support for projects, secrets, identity management, integrations, and access controls.

201 lines 10.2 kB
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; export declare class IdentityJwtAuth extends pulumi.CustomResource { /** * Get an existing IdentityJwtAuth resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityJwtAuthState, opts?: pulumi.CustomResourceOptions): IdentityJwtAuth; /** * Returns true if the given object is an instance of IdentityJwtAuth. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is IdentityJwtAuth; /** * The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000 */ readonly accessTokenMaxTtl: pulumi.Output<number>; /** * The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default: 0 */ readonly accessTokenNumUsesLimit: pulumi.Output<number>; /** * A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address. */ readonly accessTokenTrustedIps: pulumi.Output<outputs.IdentityJwtAuthAccessTokenTrustedIp[]>; /** * The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000 */ readonly accessTokenTtl: pulumi.Output<number>; /** * The list of intended recipients. */ readonly boundAudiences: pulumi.Output<string[]>; /** * The attributes that should be present in the JWT for it to be valid. */ readonly boundClaims: pulumi.Output<{ [key: string]: string; }>; /** * The unique identifier of the identity provider issuing the JWTs. */ readonly boundIssuer: pulumi.Output<string>; /** * The expected principal that is the subject of the JWT. */ readonly boundSubject: pulumi.Output<string>; /** * The configuration type of the JWT auth. Must be 'jwks' or 'static'. */ readonly configurationType: pulumi.Output<string>; /** * The ID of the identity to attach the configuration onto. */ readonly identityId: pulumi.Output<string>; /** * The PEM-encoded CA certificate for validating the TLS connection to the JWKS URL. */ readonly jwksCaCert: pulumi.Output<string>; /** * The URL used to retrieve the JSON Web Key Set (JWKS) for verifying JWTs. Required when<span pulumi-lang-nodejs=" configurationType " pulumi-lang-dotnet=" ConfigurationType " pulumi-lang-go=" configurationType " pulumi-lang-python=" configuration_type " pulumi-lang-yaml=" configurationType " pulumi-lang-java=" configurationType " pulumi-lang-hcl=" configuration_type "> configurationType </span>is 'jwks'. */ readonly jwksUrl: pulumi.Output<string>; /** * A list of PEM-encoded public keys used to verify JWTs. Required when<span pulumi-lang-nodejs=" configurationType " pulumi-lang-dotnet=" ConfigurationType " pulumi-lang-go=" configurationType " pulumi-lang-python=" configuration_type " pulumi-lang-yaml=" configurationType " pulumi-lang-java=" configurationType " pulumi-lang-hcl=" configuration_type "> configurationType </span>is 'static'. */ readonly publicKeys: pulumi.Output<string[]>; /** * Create a IdentityJwtAuth resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: IdentityJwtAuthArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering IdentityJwtAuth resources. */ export interface IdentityJwtAuthState { /** * The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000 */ accessTokenMaxTtl?: pulumi.Input<number | undefined>; /** * The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default: 0 */ accessTokenNumUsesLimit?: pulumi.Input<number | undefined>; /** * A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address. */ accessTokenTrustedIps?: pulumi.Input<pulumi.Input<inputs.IdentityJwtAuthAccessTokenTrustedIp>[] | undefined>; /** * The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000 */ accessTokenTtl?: pulumi.Input<number | undefined>; /** * The list of intended recipients. */ boundAudiences?: pulumi.Input<pulumi.Input<string>[] | undefined>; /** * The attributes that should be present in the JWT for it to be valid. */ boundClaims?: pulumi.Input<{ [key: string]: pulumi.Input<string>; } | undefined>; /** * The unique identifier of the identity provider issuing the JWTs. */ boundIssuer?: pulumi.Input<string | undefined>; /** * The expected principal that is the subject of the JWT. */ boundSubject?: pulumi.Input<string | undefined>; /** * The configuration type of the JWT auth. Must be 'jwks' or 'static'. */ configurationType?: pulumi.Input<string | undefined>; /** * The ID of the identity to attach the configuration onto. */ identityId?: pulumi.Input<string | undefined>; /** * The PEM-encoded CA certificate for validating the TLS connection to the JWKS URL. */ jwksCaCert?: pulumi.Input<string | undefined>; /** * The URL used to retrieve the JSON Web Key Set (JWKS) for verifying JWTs. Required when<span pulumi-lang-nodejs=" configurationType " pulumi-lang-dotnet=" ConfigurationType " pulumi-lang-go=" configurationType " pulumi-lang-python=" configuration_type " pulumi-lang-yaml=" configurationType " pulumi-lang-java=" configurationType " pulumi-lang-hcl=" configuration_type "> configurationType </span>is 'jwks'. */ jwksUrl?: pulumi.Input<string | undefined>; /** * A list of PEM-encoded public keys used to verify JWTs. Required when<span pulumi-lang-nodejs=" configurationType " pulumi-lang-dotnet=" ConfigurationType " pulumi-lang-go=" configurationType " pulumi-lang-python=" configuration_type " pulumi-lang-yaml=" configurationType " pulumi-lang-java=" configurationType " pulumi-lang-hcl=" configuration_type "> configurationType </span>is 'static'. */ publicKeys?: pulumi.Input<pulumi.Input<string>[] | undefined>; } /** * The set of arguments for constructing a IdentityJwtAuth resource. */ export interface IdentityJwtAuthArgs { /** * The maximum lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000 */ accessTokenMaxTtl?: pulumi.Input<number | undefined>; /** * The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses. Default: 0 */ accessTokenNumUsesLimit?: pulumi.Input<number | undefined>; /** * A list of IPs or CIDR ranges that access tokens can be used from. You can use 0.0.0.0/0, to allow usage from any network address. */ accessTokenTrustedIps?: pulumi.Input<pulumi.Input<inputs.IdentityJwtAuthAccessTokenTrustedIp>[] | undefined>; /** * The lifetime for an access token in seconds. This value will be referenced at renewal time. Default: 2592000 */ accessTokenTtl?: pulumi.Input<number | undefined>; /** * The list of intended recipients. */ boundAudiences?: pulumi.Input<pulumi.Input<string>[] | undefined>; /** * The attributes that should be present in the JWT for it to be valid. */ boundClaims?: pulumi.Input<{ [key: string]: pulumi.Input<string>; } | undefined>; /** * The unique identifier of the identity provider issuing the JWTs. */ boundIssuer?: pulumi.Input<string | undefined>; /** * The expected principal that is the subject of the JWT. */ boundSubject?: pulumi.Input<string | undefined>; /** * The configuration type of the JWT auth. Must be 'jwks' or 'static'. */ configurationType: pulumi.Input<string>; /** * The ID of the identity to attach the configuration onto. */ identityId: pulumi.Input<string>; /** * The PEM-encoded CA certificate for validating the TLS connection to the JWKS URL. */ jwksCaCert?: pulumi.Input<string | undefined>; /** * The URL used to retrieve the JSON Web Key Set (JWKS) for verifying JWTs. Required when<span pulumi-lang-nodejs=" configurationType " pulumi-lang-dotnet=" ConfigurationType " pulumi-lang-go=" configurationType " pulumi-lang-python=" configuration_type " pulumi-lang-yaml=" configurationType " pulumi-lang-java=" configurationType " pulumi-lang-hcl=" configuration_type "> configurationType </span>is 'jwks'. */ jwksUrl?: pulumi.Input<string | undefined>; /** * A list of PEM-encoded public keys used to verify JWTs. Required when<span pulumi-lang-nodejs=" configurationType " pulumi-lang-dotnet=" ConfigurationType " pulumi-lang-go=" configurationType " pulumi-lang-python=" configuration_type " pulumi-lang-yaml=" configurationType " pulumi-lang-java=" configurationType " pulumi-lang-hcl=" configuration_type "> configurationType </span>is 'static'. */ publicKeys?: pulumi.Input<pulumi.Input<string>[] | undefined>; } //# sourceMappingURL=identityJwtAuth.d.ts.map