1. Packages
  2. HashiCorp Consul
  3. API Docs
  4. AclAuthMethod
Consul v3.11.1 published on Friday, Jan 19, 2024 by Pulumi

consul.AclAuthMethod

Explore with Pulumi AI

consul logo
Consul v3.11.1 published on Friday, Jan 19, 2024 by Pulumi

    Starting with Consul 1.5.0, the consul.AclAuthMethod resource can be used to managed Consul ACL auth methods.

    Example Usage

    Define a

    using System.Collections.Generic;
    using System.Linq;
    using System.Text.Json;
    using Pulumi;
    using Consul = Pulumi.Consul;
    
    return await Deployment.RunAsync(() => 
    {
        var minikube = new Consul.AclAuthMethod("minikube", new()
        {
            Type = "kubernetes",
            Description = "dev minikube cluster",
            ConfigJson = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["Host"] = "https://192.0.2.42:8443",
                ["CACert"] = @"-----BEGIN CERTIFICATE-----
    ...-----END CERTIFICATE-----
    ",
                ["ServiceAccountJWT"] = "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
            }),
        });
    
    });
    
    package main
    
    import (
    	"encoding/json"
    
    	"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		tmpJSON0, err := json.Marshal(map[string]interface{}{
    			"Host":              "https://192.0.2.42:8443",
    			"CACert":            "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",
    			"ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
    		})
    		if err != nil {
    			return err
    		}
    		json0 := string(tmpJSON0)
    		_, err = consul.NewAclAuthMethod(ctx, "minikube", &consul.AclAuthMethodArgs{
    			Type:        pulumi.String("kubernetes"),
    			Description: pulumi.String("dev minikube cluster"),
    			ConfigJson:  pulumi.String(json0),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.consul.AclAuthMethod;
    import com.pulumi.consul.AclAuthMethodArgs;
    import static com.pulumi.codegen.internal.Serialization.*;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var minikube = new AclAuthMethod("minikube", AclAuthMethodArgs.builder()        
                .type("kubernetes")
                .description("dev minikube cluster")
                .configJson(serializeJson(
                    jsonObject(
                        jsonProperty("Host", "https://192.0.2.42:8443"),
                        jsonProperty("CACert", """
    -----BEGIN CERTIFICATE-----
    ...-----END CERTIFICATE-----
                        """),
                        jsonProperty("ServiceAccountJWT", "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...")
                    )))
                .build());
    
        }
    }
    
    import pulumi
    import json
    import pulumi_consul as consul
    
    minikube = consul.AclAuthMethod("minikube",
        type="kubernetes",
        description="dev minikube cluster",
        config_json=json.dumps({
            "Host": "https://192.0.2.42:8443",
            "CACert": """-----BEGIN CERTIFICATE-----
    ...-----END CERTIFICATE-----
    """,
            "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
        }))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as consul from "@pulumi/consul";
    
    const minikube = new consul.AclAuthMethod("minikube", {
        type: "kubernetes",
        description: "dev minikube cluster",
        configJson: JSON.stringify({
            Host: "https://192.0.2.42:8443",
            CACert: `-----BEGIN CERTIFICATE-----
    ...-----END CERTIFICATE-----
    `,
            ServiceAccountJWT: "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
        }),
    });
    
    resources:
      minikube:
        type: consul:AclAuthMethod
        properties:
          type: kubernetes
          description: dev minikube cluster
          configJson:
            fn::toJSON:
              Host: https://192.0.2.42:8443
              CACert: |
                -----BEGIN CERTIFICATE-----
                ...-----END CERTIFICATE-----            
              ServiceAccountJWT: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...
    

    auth method

    using System.Collections.Generic;
    using System.Linq;
    using System.Text.Json;
    using Pulumi;
    using Consul = Pulumi.Consul;
    
    return await Deployment.RunAsync(() => 
    {
        var oidc = new Consul.AclAuthMethod("oidc", new()
        {
            Type = "oidc",
            MaxTokenTtl = "5m",
            ConfigJson = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["AllowedRedirectURIs"] = new[]
                {
                    "http://localhost:8550/oidc/callback",
                    "http://localhost:8500/ui/oidc/callback",
                },
                ["BoundAudiences"] = new[]
                {
                    "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
                },
                ["ClaimMappings"] = new Dictionary<string, object?>
                {
                    ["http://example.com/first_name"] = "first_name",
                    ["http://example.com/last_name"] = "last_name",
                },
                ["ListClaimMappings"] = new Dictionary<string, object?>
                {
                    ["http://consul.com/groups"] = "groups",
                },
                ["OIDCClientID"] = "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
                ["OIDCClientSecret"] = "...(omitted)...",
                ["OIDCDiscoveryURL"] = "https://my-corp-app-name.auth0.com/",
            }),
        });
    
    });
    
    package main
    
    import (
    	"encoding/json"
    
    	"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		tmpJSON0, err := json.Marshal(map[string]interface{}{
    			"AllowedRedirectURIs": []string{
    				"http://localhost:8550/oidc/callback",
    				"http://localhost:8500/ui/oidc/callback",
    			},
    			"BoundAudiences": []string{
    				"V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
    			},
    			"ClaimMappings": map[string]interface{}{
    				"http://example.com/first_name": "first_name",
    				"http://example.com/last_name":  "last_name",
    			},
    			"ListClaimMappings": map[string]interface{}{
    				"http://consul.com/groups": "groups",
    			},
    			"OIDCClientID":     "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
    			"OIDCClientSecret": "...(omitted)...",
    			"OIDCDiscoveryURL": "https://my-corp-app-name.auth0.com/",
    		})
    		if err != nil {
    			return err
    		}
    		json0 := string(tmpJSON0)
    		_, err = consul.NewAclAuthMethod(ctx, "oidc", &consul.AclAuthMethodArgs{
    			Type:        pulumi.String("oidc"),
    			MaxTokenTtl: pulumi.String("5m"),
    			ConfigJson:  pulumi.String(json0),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.consul.AclAuthMethod;
    import com.pulumi.consul.AclAuthMethodArgs;
    import static com.pulumi.codegen.internal.Serialization.*;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var oidc = new AclAuthMethod("oidc", AclAuthMethodArgs.builder()        
                .type("oidc")
                .maxTokenTtl("5m")
                .configJson(serializeJson(
                    jsonObject(
                        jsonProperty("AllowedRedirectURIs", jsonArray(
                            "http://localhost:8550/oidc/callback", 
                            "http://localhost:8500/ui/oidc/callback"
                        )),
                        jsonProperty("BoundAudiences", jsonArray("V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt")),
                        jsonProperty("ClaimMappings", jsonObject(
                            jsonProperty("http://example.com/first_name", "first_name"),
                            jsonProperty("http://example.com/last_name", "last_name")
                        )),
                        jsonProperty("ListClaimMappings", jsonObject(
                            jsonProperty("http://consul.com/groups", "groups")
                        )),
                        jsonProperty("OIDCClientID", "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt"),
                        jsonProperty("OIDCClientSecret", "...(omitted)..."),
                        jsonProperty("OIDCDiscoveryURL", "https://my-corp-app-name.auth0.com/")
                    )))
                .build());
    
        }
    }
    
    import pulumi
    import json
    import pulumi_consul as consul
    
    oidc = consul.AclAuthMethod("oidc",
        type="oidc",
        max_token_ttl="5m",
        config_json=json.dumps({
            "AllowedRedirectURIs": [
                "http://localhost:8550/oidc/callback",
                "http://localhost:8500/ui/oidc/callback",
            ],
            "BoundAudiences": ["V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt"],
            "ClaimMappings": {
                "http://example.com/first_name": "first_name",
                "http://example.com/last_name": "last_name",
            },
            "ListClaimMappings": {
                "http://consul.com/groups": "groups",
            },
            "OIDCClientID": "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
            "OIDCClientSecret": "...(omitted)...",
            "OIDCDiscoveryURL": "https://my-corp-app-name.auth0.com/",
        }))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as consul from "@pulumi/consul";
    
    const oidc = new consul.AclAuthMethod("oidc", {
        type: "oidc",
        maxTokenTtl: "5m",
        configJson: JSON.stringify({
            AllowedRedirectURIs: [
                "http://localhost:8550/oidc/callback",
                "http://localhost:8500/ui/oidc/callback",
            ],
            BoundAudiences: ["V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt"],
            ClaimMappings: {
                "http://example.com/first_name": "first_name",
                "http://example.com/last_name": "last_name",
            },
            ListClaimMappings: {
                "http://consul.com/groups": "groups",
            },
            OIDCClientID: "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt",
            OIDCClientSecret: "...(omitted)...",
            OIDCDiscoveryURL: "https://my-corp-app-name.auth0.com/",
        }),
    });
    
    resources:
      oidc:
        type: consul:AclAuthMethod
        properties:
          type: oidc
          maxTokenTtl: 5m
          configJson:
            fn::toJSON:
              AllowedRedirectURIs:
                - http://localhost:8550/oidc/callback
                - http://localhost:8500/ui/oidc/callback
              BoundAudiences:
                - V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt
              ClaimMappings:
                http://example.com/first_name: first_name
                http://example.com/last_name: last_name
              ListClaimMappings:
                http://consul.com/groups: groups
              OIDCClientID: V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt
              OIDCClientSecret: '...(omitted)...'
              OIDCDiscoveryURL: https://my-corp-app-name.auth0.com/
    

    Create AclAuthMethod Resource

    new AclAuthMethod(name: string, args: AclAuthMethodArgs, opts?: CustomResourceOptions);
    @overload
    def AclAuthMethod(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      config: Optional[Mapping[str, str]] = None,
                      config_json: Optional[str] = None,
                      description: Optional[str] = None,
                      display_name: Optional[str] = None,
                      max_token_ttl: Optional[str] = None,
                      name: Optional[str] = None,
                      namespace: Optional[str] = None,
                      namespace_rules: Optional[Sequence[AclAuthMethodNamespaceRuleArgs]] = None,
                      partition: Optional[str] = None,
                      token_locality: Optional[str] = None,
                      type: Optional[str] = None)
    @overload
    def AclAuthMethod(resource_name: str,
                      args: AclAuthMethodArgs,
                      opts: Optional[ResourceOptions] = None)
    func NewAclAuthMethod(ctx *Context, name string, args AclAuthMethodArgs, opts ...ResourceOption) (*AclAuthMethod, error)
    public AclAuthMethod(string name, AclAuthMethodArgs args, CustomResourceOptions? opts = null)
    public AclAuthMethod(String name, AclAuthMethodArgs args)
    public AclAuthMethod(String name, AclAuthMethodArgs args, CustomResourceOptions options)
    
    type: consul:AclAuthMethod
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AclAuthMethodArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AclAuthMethodArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AclAuthMethodArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AclAuthMethodArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AclAuthMethodArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AclAuthMethod Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AclAuthMethod resource accepts the following input properties:

    Type string
    The type of the ACL auth method.
    Config Dictionary<string, string>
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    ConfigJson string
    The raw configuration for this ACL auth method.
    Description string
    A free form human readable description of the auth method.
    DisplayName string
    An optional name to use instead of the name attribute when displaying information about this auth method.
    MaxTokenTtl string
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    Name string
    The name of the ACL auth method.
    Namespace string
    The namespace in which to create the auth method.
    NamespaceRules List<AclAuthMethodNamespaceRule>
    A set of rules that control which namespace tokens created via this auth method will be created within.
    Partition string
    The partition the ACL auth method is associated with.
    TokenLocality string
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    Type string
    The type of the ACL auth method.
    Config map[string]string
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    ConfigJson string
    The raw configuration for this ACL auth method.
    Description string
    A free form human readable description of the auth method.
    DisplayName string
    An optional name to use instead of the name attribute when displaying information about this auth method.
    MaxTokenTtl string
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    Name string
    The name of the ACL auth method.
    Namespace string
    The namespace in which to create the auth method.
    NamespaceRules []AclAuthMethodNamespaceRuleArgs
    A set of rules that control which namespace tokens created via this auth method will be created within.
    Partition string
    The partition the ACL auth method is associated with.
    TokenLocality string
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type String
    The type of the ACL auth method.
    config Map<String,String>
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    configJson String
    The raw configuration for this ACL auth method.
    description String
    A free form human readable description of the auth method.
    displayName String
    An optional name to use instead of the name attribute when displaying information about this auth method.
    maxTokenTtl String
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name String
    The name of the ACL auth method.
    namespace String
    The namespace in which to create the auth method.
    namespaceRules List<AclAuthMethodNamespaceRule>
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition String
    The partition the ACL auth method is associated with.
    tokenLocality String
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type string
    The type of the ACL auth method.
    config {[key: string]: string}
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    configJson string
    The raw configuration for this ACL auth method.
    description string
    A free form human readable description of the auth method.
    displayName string
    An optional name to use instead of the name attribute when displaying information about this auth method.
    maxTokenTtl string
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name string
    The name of the ACL auth method.
    namespace string
    The namespace in which to create the auth method.
    namespaceRules AclAuthMethodNamespaceRule[]
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition string
    The partition the ACL auth method is associated with.
    tokenLocality string
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type str
    The type of the ACL auth method.
    config Mapping[str, str]
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    config_json str
    The raw configuration for this ACL auth method.
    description str
    A free form human readable description of the auth method.
    display_name str
    An optional name to use instead of the name attribute when displaying information about this auth method.
    max_token_ttl str
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name str
    The name of the ACL auth method.
    namespace str
    The namespace in which to create the auth method.
    namespace_rules Sequence[AclAuthMethodNamespaceRuleArgs]
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition str
    The partition the ACL auth method is associated with.
    token_locality str
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type String
    The type of the ACL auth method.
    config Map<String>
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    configJson String
    The raw configuration for this ACL auth method.
    description String
    A free form human readable description of the auth method.
    displayName String
    An optional name to use instead of the name attribute when displaying information about this auth method.
    maxTokenTtl String
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name String
    The name of the ACL auth method.
    namespace String
    The namespace in which to create the auth method.
    namespaceRules List<Property Map>
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition String
    The partition the ACL auth method is associated with.
    tokenLocality String
    The kind of token that this auth method produces. This can be either 'local' or 'global'.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AclAuthMethod resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing AclAuthMethod Resource

    Get an existing AclAuthMethod resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AclAuthMethodState, opts?: CustomResourceOptions): AclAuthMethod
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            config: Optional[Mapping[str, str]] = None,
            config_json: Optional[str] = None,
            description: Optional[str] = None,
            display_name: Optional[str] = None,
            max_token_ttl: Optional[str] = None,
            name: Optional[str] = None,
            namespace: Optional[str] = None,
            namespace_rules: Optional[Sequence[AclAuthMethodNamespaceRuleArgs]] = None,
            partition: Optional[str] = None,
            token_locality: Optional[str] = None,
            type: Optional[str] = None) -> AclAuthMethod
    func GetAclAuthMethod(ctx *Context, name string, id IDInput, state *AclAuthMethodState, opts ...ResourceOption) (*AclAuthMethod, error)
    public static AclAuthMethod Get(string name, Input<string> id, AclAuthMethodState? state, CustomResourceOptions? opts = null)
    public static AclAuthMethod get(String name, Output<String> id, AclAuthMethodState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Config Dictionary<string, string>
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    ConfigJson string
    The raw configuration for this ACL auth method.
    Description string
    A free form human readable description of the auth method.
    DisplayName string
    An optional name to use instead of the name attribute when displaying information about this auth method.
    MaxTokenTtl string
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    Name string
    The name of the ACL auth method.
    Namespace string
    The namespace in which to create the auth method.
    NamespaceRules List<AclAuthMethodNamespaceRule>
    A set of rules that control which namespace tokens created via this auth method will be created within.
    Partition string
    The partition the ACL auth method is associated with.
    TokenLocality string
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    Type string
    The type of the ACL auth method.
    Config map[string]string
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    ConfigJson string
    The raw configuration for this ACL auth method.
    Description string
    A free form human readable description of the auth method.
    DisplayName string
    An optional name to use instead of the name attribute when displaying information about this auth method.
    MaxTokenTtl string
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    Name string
    The name of the ACL auth method.
    Namespace string
    The namespace in which to create the auth method.
    NamespaceRules []AclAuthMethodNamespaceRuleArgs
    A set of rules that control which namespace tokens created via this auth method will be created within.
    Partition string
    The partition the ACL auth method is associated with.
    TokenLocality string
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    Type string
    The type of the ACL auth method.
    config Map<String,String>
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    configJson String
    The raw configuration for this ACL auth method.
    description String
    A free form human readable description of the auth method.
    displayName String
    An optional name to use instead of the name attribute when displaying information about this auth method.
    maxTokenTtl String
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name String
    The name of the ACL auth method.
    namespace String
    The namespace in which to create the auth method.
    namespaceRules List<AclAuthMethodNamespaceRule>
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition String
    The partition the ACL auth method is associated with.
    tokenLocality String
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type String
    The type of the ACL auth method.
    config {[key: string]: string}
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    configJson string
    The raw configuration for this ACL auth method.
    description string
    A free form human readable description of the auth method.
    displayName string
    An optional name to use instead of the name attribute when displaying information about this auth method.
    maxTokenTtl string
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name string
    The name of the ACL auth method.
    namespace string
    The namespace in which to create the auth method.
    namespaceRules AclAuthMethodNamespaceRule[]
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition string
    The partition the ACL auth method is associated with.
    tokenLocality string
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type string
    The type of the ACL auth method.
    config Mapping[str, str]
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    config_json str
    The raw configuration for this ACL auth method.
    description str
    A free form human readable description of the auth method.
    display_name str
    An optional name to use instead of the name attribute when displaying information about this auth method.
    max_token_ttl str
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name str
    The name of the ACL auth method.
    namespace str
    The namespace in which to create the auth method.
    namespace_rules Sequence[AclAuthMethodNamespaceRuleArgs]
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition str
    The partition the ACL auth method is associated with.
    token_locality str
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type str
    The type of the ACL auth method.
    config Map<String>
    The raw configuration for this ACL auth method.

    Deprecated:The config attribute is deprecated, please use config_json instead.

    configJson String
    The raw configuration for this ACL auth method.
    description String
    A free form human readable description of the auth method.
    displayName String
    An optional name to use instead of the name attribute when displaying information about this auth method.
    maxTokenTtl String
    The maximum life of any token created by this auth method. This attribute is required and must be set to a nonzero for the OIDC auth method.
    name String
    The name of the ACL auth method.
    namespace String
    The namespace in which to create the auth method.
    namespaceRules List<Property Map>
    A set of rules that control which namespace tokens created via this auth method will be created within.
    partition String
    The partition the ACL auth method is associated with.
    tokenLocality String
    The kind of token that this auth method produces. This can be either 'local' or 'global'.
    type String
    The type of the ACL auth method.

    Supporting Types

    AclAuthMethodNamespaceRule, AclAuthMethodNamespaceRuleArgs

    BindNamespace string
    If the namespace rule's selector matches then this is used to control the namespace where the token is created.
    Selector string
    Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
    BindNamespace string
    If the namespace rule's selector matches then this is used to control the namespace where the token is created.
    Selector string
    Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
    bindNamespace String
    If the namespace rule's selector matches then this is used to control the namespace where the token is created.
    selector String
    Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
    bindNamespace string
    If the namespace rule's selector matches then this is used to control the namespace where the token is created.
    selector string
    Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
    bind_namespace str
    If the namespace rule's selector matches then this is used to control the namespace where the token is created.
    selector str
    Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.
    bindNamespace String
    If the namespace rule's selector matches then this is used to control the namespace where the token is created.
    selector String
    Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation.

    Package Details

    Repository
    HashiCorp Consul pulumi/pulumi-consul
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the consul Terraform Provider.
    consul logo
    Consul v3.11.1 published on Friday, Jan 19, 2024 by Pulumi