Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

AclAuthMethod

Starting with Consul 1.5.0, the consul.AclAuthMethod resource can be used to managed Consul ACL auth methods.

Example Usage

using System.Collections.Generic;
using System.Text.Json;
using Pulumi;
using Consul = Pulumi.Consul;

class MyStack : Stack
{
    public MyStack()
    {
        var minikube = new Consul.AclAuthMethod("minikube", new Consul.AclAuthMethodArgs
        {
            Type = "kubernetes",
            Description = "dev minikube cluster",
            ConfigJson = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                { "Host", "https://192.0.2.42:8443" },
                { "CACert", @"-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
" },
                { "ServiceAccountJWT", "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." },
            }),
        });
    }

}
package main

import (
    "encoding/json"

    "github.com/pulumi/pulumi-consul/sdk/v2/go/consul"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        tmpJSON0, err := json.Marshal(map[string]interface{}{
            "Host":              "https://192.0.2.42:8443",
            "CACert":            "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",
            "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
        })
        if err != nil {
            return err
        }
        json0 := string(tmpJSON0)
        _, err := consul.NewAclAuthMethod(ctx, "minikube", &consul.AclAuthMethodArgs{
            Type:        pulumi.String("kubernetes"),
            Description: pulumi.String("dev minikube cluster"),
            ConfigJson:  pulumi.String(json0),
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import json
import pulumi_consul as consul

minikube = consul.AclAuthMethod("minikube",
    type="kubernetes",
    description="dev minikube cluster",
    config_json=json.dumps({
        "Host": "https://192.0.2.42:8443",
        "CACert": """-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
""",
        "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
    }))
import * as pulumi from "@pulumi/pulumi";
import * as consul from "@pulumi/consul";

const minikube = new consul.AclAuthMethod("minikube", {
    type: "kubernetes",
    description: "dev minikube cluster",
    configJson: JSON.stringify({
        Host: "https://192.0.2.42:8443",
        CACert: `-----BEGIN CERTIFICATE-----
...-----END CERTIFICATE-----
`,
        ServiceAccountJWT: "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9...",
    }),
});

Create a AclAuthMethod Resource

new AclAuthMethod(name: string, args: AclAuthMethodArgs, opts?: CustomResourceOptions);
def AclAuthMethod(resource_name: str, opts: Optional[ResourceOptions] = None, config: Optional[Mapping[str, str]] = None, config_json: Optional[str] = None, description: Optional[str] = None, display_name: Optional[str] = None, max_token_ttl: Optional[str] = None, name: Optional[str] = None, namespace: Optional[str] = None, namespace_rules: Optional[Sequence[AclAuthMethodNamespaceRuleArgs]] = None, token_locality: Optional[str] = None, type: Optional[str] = None)
func NewAclAuthMethod(ctx *Context, name string, args AclAuthMethodArgs, opts ...ResourceOption) (*AclAuthMethod, error)
public AclAuthMethod(string name, AclAuthMethodArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args AclAuthMethodArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AclAuthMethodArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AclAuthMethodArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

AclAuthMethod Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The AclAuthMethod resource accepts the following input properties:

Type string

The type of the ACL auth method.

Config Dictionary<string, string>

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

ConfigJson string

The raw configuration for this ACL auth method.

Description string

A free form human readable description of the auth method.

DisplayName string

An optional name to use instead of the name attribute when displaying information about this auth method.

MaxTokenTtl string

The maximum life of any token created by this auth method.

Name string

The name of the ACL auth method.

Namespace string

The namespace to create the policy within.

NamespaceRules List<AclAuthMethodNamespaceRuleArgs>

A set of rules that control which namespace tokens created via this auth method will be created within.

TokenLocality string

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

Type string

The type of the ACL auth method.

Config map[string]string

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

ConfigJson string

The raw configuration for this ACL auth method.

Description string

A free form human readable description of the auth method.

DisplayName string

An optional name to use instead of the name attribute when displaying information about this auth method.

MaxTokenTtl string

The maximum life of any token created by this auth method.

Name string

The name of the ACL auth method.

Namespace string

The namespace to create the policy within.

NamespaceRules []AclAuthMethodNamespaceRule

A set of rules that control which namespace tokens created via this auth method will be created within.

TokenLocality string

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

type string

The type of the ACL auth method.

config {[key: string]: string}

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

configJson string

The raw configuration for this ACL auth method.

description string

A free form human readable description of the auth method.

displayName string

An optional name to use instead of the name attribute when displaying information about this auth method.

maxTokenTtl string

The maximum life of any token created by this auth method.

name string

The name of the ACL auth method.

namespace string

The namespace to create the policy within.

namespaceRules AclAuthMethodNamespaceRule[]

A set of rules that control which namespace tokens created via this auth method will be created within.

tokenLocality string

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

type str

The type of the ACL auth method.

config Mapping[str, str]

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

config_json str

The raw configuration for this ACL auth method.

description str

A free form human readable description of the auth method.

display_name str

An optional name to use instead of the name attribute when displaying information about this auth method.

max_token_ttl str

The maximum life of any token created by this auth method.

name str

The name of the ACL auth method.

namespace str

The namespace to create the policy within.

namespace_rules Sequence[AclAuthMethodNamespaceRuleArgs]

A set of rules that control which namespace tokens created via this auth method will be created within.

token_locality str

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

Outputs

All input properties are implicitly available as output properties. Additionally, the AclAuthMethod resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing AclAuthMethod Resource

Get an existing AclAuthMethod resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AclAuthMethodState, opts?: CustomResourceOptions): AclAuthMethod
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, config: Optional[Mapping[str, str]] = None, config_json: Optional[str] = None, description: Optional[str] = None, display_name: Optional[str] = None, max_token_ttl: Optional[str] = None, name: Optional[str] = None, namespace: Optional[str] = None, namespace_rules: Optional[Sequence[AclAuthMethodNamespaceRuleArgs]] = None, token_locality: Optional[str] = None, type: Optional[str] = None) -> AclAuthMethod
func GetAclAuthMethod(ctx *Context, name string, id IDInput, state *AclAuthMethodState, opts ...ResourceOption) (*AclAuthMethod, error)
public static AclAuthMethod Get(string name, Input<string> id, AclAuthMethodState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Config Dictionary<string, string>

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

ConfigJson string

The raw configuration for this ACL auth method.

Description string

A free form human readable description of the auth method.

DisplayName string

An optional name to use instead of the name attribute when displaying information about this auth method.

MaxTokenTtl string

The maximum life of any token created by this auth method.

Name string

The name of the ACL auth method.

Namespace string

The namespace to create the policy within.

NamespaceRules List<AclAuthMethodNamespaceRuleArgs>

A set of rules that control which namespace tokens created via this auth method will be created within.

TokenLocality string

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

Type string

The type of the ACL auth method.

Config map[string]string

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

ConfigJson string

The raw configuration for this ACL auth method.

Description string

A free form human readable description of the auth method.

DisplayName string

An optional name to use instead of the name attribute when displaying information about this auth method.

MaxTokenTtl string

The maximum life of any token created by this auth method.

Name string

The name of the ACL auth method.

Namespace string

The namespace to create the policy within.

NamespaceRules []AclAuthMethodNamespaceRule

A set of rules that control which namespace tokens created via this auth method will be created within.

TokenLocality string

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

Type string

The type of the ACL auth method.

config {[key: string]: string}

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

configJson string

The raw configuration for this ACL auth method.

description string

A free form human readable description of the auth method.

displayName string

An optional name to use instead of the name attribute when displaying information about this auth method.

maxTokenTtl string

The maximum life of any token created by this auth method.

name string

The name of the ACL auth method.

namespace string

The namespace to create the policy within.

namespaceRules AclAuthMethodNamespaceRule[]

A set of rules that control which namespace tokens created via this auth method will be created within.

tokenLocality string

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

type string

The type of the ACL auth method.

config Mapping[str, str]

The raw configuration for this ACL auth method. This attribute is deprecated and will be removed in a future version. config_json should be used instead.

Deprecated: The config attribute is deprecated, please use config_json instead.

config_json str

The raw configuration for this ACL auth method.

description str

A free form human readable description of the auth method.

display_name str

An optional name to use instead of the name attribute when displaying information about this auth method.

max_token_ttl str

The maximum life of any token created by this auth method.

name str

The name of the ACL auth method.

namespace str

The namespace to create the policy within.

namespace_rules Sequence[AclAuthMethodNamespaceRuleArgs]

A set of rules that control which namespace tokens created via this auth method will be created within.

token_locality str

The kind of token that this auth method produces. This can be either ‘local’ or ‘global’.

type str

The type of the ACL auth method.

Supporting Types

AclAuthMethodNamespaceRule

BindNamespace string

If the namespace rule’s selector matches then this is used to control the namespace where the token is created.

Selector string

Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation. Defaults to "".

BindNamespace string

If the namespace rule’s selector matches then this is used to control the namespace where the token is created.

Selector string

Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation. Defaults to "".

bindNamespace string

If the namespace rule’s selector matches then this is used to control the namespace where the token is created.

selector string

Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation. Defaults to "".

bind_namespace str

If the namespace rule’s selector matches then this is used to control the namespace where the token is created.

selector str

Specifies the expression used to match this namespace rule against valid identities returned from an auth method validation. Defaults to "".

Package Details

Repository
https://github.com/pulumi/pulumi-consul
License
Apache-2.0
Notes
This Pulumi package is based on the consul Terraform Provider.