Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

ActiveDirectory

Provides a Rancher v2 Auth Config ActiveDirectory resource. This can be used to configure and enable Auth Config ActiveDirectory for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Create a ActiveDirectory Resource

new ActiveDirectory(name: string, args: ActiveDirectoryArgs, opts?: CustomResourceOptions);
def ActiveDirectory(resource_name: str, opts: Optional[ResourceOptions] = None, access_mode: Optional[str] = None, allowed_principal_ids: Optional[Sequence[str]] = None, annotations: Optional[Mapping[str, Any]] = None, certificate: Optional[str] = None, connection_timeout: Optional[int] = None, default_login_domain: Optional[str] = None, enabled: Optional[bool] = None, group_dn_attribute: Optional[str] = None, group_member_mapping_attribute: Optional[str] = None, group_member_user_attribute: Optional[str] = None, group_name_attribute: Optional[str] = None, group_object_class: Optional[str] = None, group_search_attribute: Optional[str] = None, group_search_base: Optional[str] = None, group_search_filter: Optional[str] = None, labels: Optional[Mapping[str, Any]] = None, nested_group_membership_enabled: Optional[bool] = None, port: Optional[int] = None, servers: Optional[Sequence[str]] = None, service_account_password: Optional[str] = None, service_account_username: Optional[str] = None, test_password: Optional[str] = None, test_username: Optional[str] = None, tls: Optional[bool] = None, user_disabled_bit_mask: Optional[int] = None, user_enabled_attribute: Optional[str] = None, user_login_attribute: Optional[str] = None, user_name_attribute: Optional[str] = None, user_object_class: Optional[str] = None, user_search_attribute: Optional[str] = None, user_search_base: Optional[str] = None, user_search_filter: Optional[str] = None)
func NewActiveDirectory(ctx *Context, name string, args ActiveDirectoryArgs, opts ...ResourceOption) (*ActiveDirectory, error)
public ActiveDirectory(string name, ActiveDirectoryArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args ActiveDirectoryArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ActiveDirectoryArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ActiveDirectoryArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

ActiveDirectory Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The ActiveDirectory resource accepts the following input properties:

Servers List<string>

ActiveDirectory servers list (list)

ServiceAccountPassword string

Service account password for access ActiveDirectory service (string)

ServiceAccountUsername string

Service account DN for access ActiveDirectory service (string)

TestPassword string

Password for test access to ActiveDirectory service (string)

TestUsername string

Username for test access to ActiveDirectory service (string)

UserSearchBase string

User search base DN (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

Certificate string

CA certificate for TLS if selfsigned (string)

ConnectionTimeout int

ActiveDirectory connection timeout. Default 5000 (int)

DefaultLoginDomain string

ActiveDirectory defult login domain (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default distinguishedName (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default distinguishedName (string)

GroupNameAttribute string

Group name attribute. Default name (string)

GroupObjectClass string

Group object class. Default group (string)

GroupSearchAttribute string

Group search attribute. Default sAMAccountName (string)

GroupSearchBase string

Group search base (string)

GroupSearchFilter string

Group search filter (string)

Labels Dictionary<string, object>

Labels of the resource (map)

NestedGroupMembershipEnabled bool

Nested group membership enable. Default false (bool)

Port int

ActiveDirectory port. Default 389 (int)

Tls bool

Enable TLS connection (bool)

UserDisabledBitMask int

User disabled bit mask. Default 2 (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default sAMAccountName (string)

UserNameAttribute string

User name attribute. Default name (string)

UserObjectClass string

User object class. Default person (string)

UserSearchAttribute string

User search attribute. Default sAMAccountName|sn|givenName (string)

UserSearchFilter string

User search filter (string)

Servers []string

ActiveDirectory servers list (list)

ServiceAccountPassword string

Service account password for access ActiveDirectory service (string)

ServiceAccountUsername string

Service account DN for access ActiveDirectory service (string)

TestPassword string

Password for test access to ActiveDirectory service (string)

TestUsername string

Username for test access to ActiveDirectory service (string)

UserSearchBase string

User search base DN (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

Certificate string

CA certificate for TLS if selfsigned (string)

ConnectionTimeout int

ActiveDirectory connection timeout. Default 5000 (int)

DefaultLoginDomain string

ActiveDirectory defult login domain (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default distinguishedName (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default distinguishedName (string)

GroupNameAttribute string

Group name attribute. Default name (string)

GroupObjectClass string

Group object class. Default group (string)

GroupSearchAttribute string

Group search attribute. Default sAMAccountName (string)

GroupSearchBase string

Group search base (string)

GroupSearchFilter string

Group search filter (string)

Labels map[string]interface{}

Labels of the resource (map)

NestedGroupMembershipEnabled bool

Nested group membership enable. Default false (bool)

Port int

ActiveDirectory port. Default 389 (int)

Tls bool

Enable TLS connection (bool)

UserDisabledBitMask int

User disabled bit mask. Default 2 (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default sAMAccountName (string)

UserNameAttribute string

User name attribute. Default name (string)

UserObjectClass string

User object class. Default person (string)

UserSearchAttribute string

User search attribute. Default sAMAccountName|sn|givenName (string)

UserSearchFilter string

User search filter (string)

servers string[]

ActiveDirectory servers list (list)

serviceAccountPassword string

Service account password for access ActiveDirectory service (string)

serviceAccountUsername string

Service account DN for access ActiveDirectory service (string)

testPassword string

Password for test access to ActiveDirectory service (string)

testUsername string

Username for test access to ActiveDirectory service (string)

userSearchBase string

User search base DN (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

certificate string

CA certificate for TLS if selfsigned (string)

connectionTimeout number

ActiveDirectory connection timeout. Default 5000 (int)

defaultLoginDomain string

ActiveDirectory defult login domain (string)

enabled boolean

Enable auth config provider. Default true (bool)

groupDnAttribute string

Group DN attribute. Default distinguishedName (string)

groupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

groupMemberUserAttribute string

Group member user attribute. Default distinguishedName (string)

groupNameAttribute string

Group name attribute. Default name (string)

groupObjectClass string

Group object class. Default group (string)

groupSearchAttribute string

Group search attribute. Default sAMAccountName (string)

groupSearchBase string

Group search base (string)

groupSearchFilter string

Group search filter (string)

labels {[key: string]: any}

Labels of the resource (map)

nestedGroupMembershipEnabled boolean

Nested group membership enable. Default false (bool)

port number

ActiveDirectory port. Default 389 (int)

tls boolean

Enable TLS connection (bool)

userDisabledBitMask number

User disabled bit mask. Default 2 (int)

userEnabledAttribute string

User enable attribute (string)

userLoginAttribute string

User login attribute. Default sAMAccountName (string)

userNameAttribute string

User name attribute. Default name (string)

userObjectClass string

User object class. Default person (string)

userSearchAttribute string

User search attribute. Default sAMAccountName|sn|givenName (string)

userSearchFilter string

User search filter (string)

servers Sequence[str]

ActiveDirectory servers list (list)

service_account_password str

Service account password for access ActiveDirectory service (string)

service_account_username str

Service account DN for access ActiveDirectory service (string)

test_password str

Password for test access to ActiveDirectory service (string)

test_username str

Username for test access to ActiveDirectory service (string)

user_search_base str

User search base DN (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

certificate str

CA certificate for TLS if selfsigned (string)

connection_timeout int

ActiveDirectory connection timeout. Default 5000 (int)

default_login_domain str

ActiveDirectory defult login domain (string)

enabled bool

Enable auth config provider. Default true (bool)

group_dn_attribute str

Group DN attribute. Default distinguishedName (string)

group_member_mapping_attribute str

Group member mapping attribute. Default member (string)

group_member_user_attribute str

Group member user attribute. Default distinguishedName (string)

group_name_attribute str

Group name attribute. Default name (string)

group_object_class str

Group object class. Default group (string)

group_search_attribute str

Group search attribute. Default sAMAccountName (string)

group_search_base str

Group search base (string)

group_search_filter str

Group search filter (string)

labels Mapping[str, Any]

Labels of the resource (map)

nested_group_membership_enabled bool

Nested group membership enable. Default false (bool)

port int

ActiveDirectory port. Default 389 (int)

tls bool

Enable TLS connection (bool)

user_disabled_bit_mask int

User disabled bit mask. Default 2 (int)

user_enabled_attribute str

User enable attribute (string)

user_login_attribute str

User login attribute. Default sAMAccountName (string)

user_name_attribute str

User name attribute. Default name (string)

user_object_class str

User object class. Default person (string)

user_search_attribute str

User search attribute. Default sAMAccountName|sn|givenName (string)

user_search_filter str

User search filter (string)

Outputs

All input properties are implicitly available as output properties. Additionally, the ActiveDirectory resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

Id string
The provider-assigned unique ID for this managed resource.
Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

id string
The provider-assigned unique ID for this managed resource.
name string

(Computed) The name of the resource (string)

type string

(Computed) The type of the resource (string)

id str
The provider-assigned unique ID for this managed resource.
name str

(Computed) The name of the resource (string)

type str

(Computed) The type of the resource (string)

Look up an Existing ActiveDirectory Resource

Get an existing ActiveDirectory resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ActiveDirectoryState, opts?: CustomResourceOptions): ActiveDirectory
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, access_mode: Optional[str] = None, allowed_principal_ids: Optional[Sequence[str]] = None, annotations: Optional[Mapping[str, Any]] = None, certificate: Optional[str] = None, connection_timeout: Optional[int] = None, default_login_domain: Optional[str] = None, enabled: Optional[bool] = None, group_dn_attribute: Optional[str] = None, group_member_mapping_attribute: Optional[str] = None, group_member_user_attribute: Optional[str] = None, group_name_attribute: Optional[str] = None, group_object_class: Optional[str] = None, group_search_attribute: Optional[str] = None, group_search_base: Optional[str] = None, group_search_filter: Optional[str] = None, labels: Optional[Mapping[str, Any]] = None, name: Optional[str] = None, nested_group_membership_enabled: Optional[bool] = None, port: Optional[int] = None, servers: Optional[Sequence[str]] = None, service_account_password: Optional[str] = None, service_account_username: Optional[str] = None, test_password: Optional[str] = None, test_username: Optional[str] = None, tls: Optional[bool] = None, type: Optional[str] = None, user_disabled_bit_mask: Optional[int] = None, user_enabled_attribute: Optional[str] = None, user_login_attribute: Optional[str] = None, user_name_attribute: Optional[str] = None, user_object_class: Optional[str] = None, user_search_attribute: Optional[str] = None, user_search_base: Optional[str] = None, user_search_filter: Optional[str] = None) -> ActiveDirectory
func GetActiveDirectory(ctx *Context, name string, id IDInput, state *ActiveDirectoryState, opts ...ResourceOption) (*ActiveDirectory, error)
public static ActiveDirectory Get(string name, Input<string> id, ActiveDirectoryState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

Certificate string

CA certificate for TLS if selfsigned (string)

ConnectionTimeout int

ActiveDirectory connection timeout. Default 5000 (int)

DefaultLoginDomain string

ActiveDirectory defult login domain (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default distinguishedName (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default distinguishedName (string)

GroupNameAttribute string

Group name attribute. Default name (string)

GroupObjectClass string

Group object class. Default group (string)

GroupSearchAttribute string

Group search attribute. Default sAMAccountName (string)

GroupSearchBase string

Group search base (string)

GroupSearchFilter string

Group search filter (string)

Labels Dictionary<string, object>

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

NestedGroupMembershipEnabled bool

Nested group membership enable. Default false (bool)

Port int

ActiveDirectory port. Default 389 (int)

Servers List<string>

ActiveDirectory servers list (list)

ServiceAccountPassword string

Service account password for access ActiveDirectory service (string)

ServiceAccountUsername string

Service account DN for access ActiveDirectory service (string)

TestPassword string

Password for test access to ActiveDirectory service (string)

TestUsername string

Username for test access to ActiveDirectory service (string)

Tls bool

Enable TLS connection (bool)

Type string

(Computed) The type of the resource (string)

UserDisabledBitMask int

User disabled bit mask. Default 2 (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default sAMAccountName (string)

UserNameAttribute string

User name attribute. Default name (string)

UserObjectClass string

User object class. Default person (string)

UserSearchAttribute string

User search attribute. Default sAMAccountName|sn|givenName (string)

UserSearchBase string

User search base DN (string)

UserSearchFilter string

User search filter (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

Certificate string

CA certificate for TLS if selfsigned (string)

ConnectionTimeout int

ActiveDirectory connection timeout. Default 5000 (int)

DefaultLoginDomain string

ActiveDirectory defult login domain (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default distinguishedName (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default distinguishedName (string)

GroupNameAttribute string

Group name attribute. Default name (string)

GroupObjectClass string

Group object class. Default group (string)

GroupSearchAttribute string

Group search attribute. Default sAMAccountName (string)

GroupSearchBase string

Group search base (string)

GroupSearchFilter string

Group search filter (string)

Labels map[string]interface{}

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

NestedGroupMembershipEnabled bool

Nested group membership enable. Default false (bool)

Port int

ActiveDirectory port. Default 389 (int)

Servers []string

ActiveDirectory servers list (list)

ServiceAccountPassword string

Service account password for access ActiveDirectory service (string)

ServiceAccountUsername string

Service account DN for access ActiveDirectory service (string)

TestPassword string

Password for test access to ActiveDirectory service (string)

TestUsername string

Username for test access to ActiveDirectory service (string)

Tls bool

Enable TLS connection (bool)

Type string

(Computed) The type of the resource (string)

UserDisabledBitMask int

User disabled bit mask. Default 2 (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default sAMAccountName (string)

UserNameAttribute string

User name attribute. Default name (string)

UserObjectClass string

User object class. Default person (string)

UserSearchAttribute string

User search attribute. Default sAMAccountName|sn|givenName (string)

UserSearchBase string

User search base DN (string)

UserSearchFilter string

User search filter (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

certificate string

CA certificate for TLS if selfsigned (string)

connectionTimeout number

ActiveDirectory connection timeout. Default 5000 (int)

defaultLoginDomain string

ActiveDirectory defult login domain (string)

enabled boolean

Enable auth config provider. Default true (bool)

groupDnAttribute string

Group DN attribute. Default distinguishedName (string)

groupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

groupMemberUserAttribute string

Group member user attribute. Default distinguishedName (string)

groupNameAttribute string

Group name attribute. Default name (string)

groupObjectClass string

Group object class. Default group (string)

groupSearchAttribute string

Group search attribute. Default sAMAccountName (string)

groupSearchBase string

Group search base (string)

groupSearchFilter string

Group search filter (string)

labels {[key: string]: any}

Labels of the resource (map)

name string

(Computed) The name of the resource (string)

nestedGroupMembershipEnabled boolean

Nested group membership enable. Default false (bool)

port number

ActiveDirectory port. Default 389 (int)

servers string[]

ActiveDirectory servers list (list)

serviceAccountPassword string

Service account password for access ActiveDirectory service (string)

serviceAccountUsername string

Service account DN for access ActiveDirectory service (string)

testPassword string

Password for test access to ActiveDirectory service (string)

testUsername string

Username for test access to ActiveDirectory service (string)

tls boolean

Enable TLS connection (bool)

type string

(Computed) The type of the resource (string)

userDisabledBitMask number

User disabled bit mask. Default 2 (int)

userEnabledAttribute string

User enable attribute (string)

userLoginAttribute string

User login attribute. Default sAMAccountName (string)

userNameAttribute string

User name attribute. Default name (string)

userObjectClass string

User object class. Default person (string)

userSearchAttribute string

User search attribute. Default sAMAccountName|sn|givenName (string)

userSearchBase string

User search base DN (string)

userSearchFilter string

User search filter (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

certificate str

CA certificate for TLS if selfsigned (string)

connection_timeout int

ActiveDirectory connection timeout. Default 5000 (int)

default_login_domain str

ActiveDirectory defult login domain (string)

enabled bool

Enable auth config provider. Default true (bool)

group_dn_attribute str

Group DN attribute. Default distinguishedName (string)

group_member_mapping_attribute str

Group member mapping attribute. Default member (string)

group_member_user_attribute str

Group member user attribute. Default distinguishedName (string)

group_name_attribute str

Group name attribute. Default name (string)

group_object_class str

Group object class. Default group (string)

group_search_attribute str

Group search attribute. Default sAMAccountName (string)

group_search_base str

Group search base (string)

group_search_filter str

Group search filter (string)

labels Mapping[str, Any]

Labels of the resource (map)

name str

(Computed) The name of the resource (string)

nested_group_membership_enabled bool

Nested group membership enable. Default false (bool)

port int

ActiveDirectory port. Default 389 (int)

servers Sequence[str]

ActiveDirectory servers list (list)

service_account_password str

Service account password for access ActiveDirectory service (string)

service_account_username str

Service account DN for access ActiveDirectory service (string)

test_password str

Password for test access to ActiveDirectory service (string)

test_username str

Username for test access to ActiveDirectory service (string)

tls bool

Enable TLS connection (bool)

type str

(Computed) The type of the resource (string)

user_disabled_bit_mask int

User disabled bit mask. Default 2 (int)

user_enabled_attribute str

User enable attribute (string)

user_login_attribute str

User login attribute. Default sAMAccountName (string)

user_name_attribute str

User name attribute. Default name (string)

user_object_class str

User object class. Default person (string)

user_search_attribute str

User search attribute. Default sAMAccountName|sn|givenName (string)

user_search_base str

User search base DN (string)

user_search_filter str

User search filter (string)

Package Details

Repository
https://github.com/pulumi/pulumi-rancher2
License
Apache-2.0
Notes
This Pulumi package is based on the rancher2 Terraform Provider.