Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

AuthConfigKeycloak

Provides a Rancher v2 Auth Config KeyCloak resource. This can be used to configure and enable Auth Config KeyCloak for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Example Usage

using Pulumi;
using Rancher2 = Pulumi.Rancher2;

class MyStack : Stack
{
    public MyStack()
    {
        // Create a new rancher2 Auth Config KeyCloak
        var keycloak = new Rancher2.AuthConfigKeycloak("keycloak", new Rancher2.AuthConfigKeycloakArgs
        {
            DisplayNameField = "<DISPLAY_NAME_FIELD>",
            GroupsField = "<GROUPS_FIELD>",
            IdpMetadataContent = "<IDP_METADATA_CONTENT>",
            RancherApiHost = "https://<RANCHER_API_HOST>",
            SpCert = "<SP_CERT>",
            SpKey = "<SP_KEY>",
            UidField = "<UID_FIELD>",
            UserNameField = "<USER_NAME_FIELD>",
        });
    }

}
package main

import (
    "github.com/pulumi/pulumi-rancher2/sdk/v2/go/rancher2"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := rancher2.NewAuthConfigKeycloak(ctx, "keycloak", &rancher2.AuthConfigKeycloakArgs{
            DisplayNameField:   pulumi.String("<DISPLAY_NAME_FIELD>"),
            GroupsField:        pulumi.String("<GROUPS_FIELD>"),
            IdpMetadataContent: pulumi.String("<IDP_METADATA_CONTENT>"),
            RancherApiHost:     pulumi.String("https://<RANCHER_API_HOST>"),
            SpCert:             pulumi.String("<SP_CERT>"),
            SpKey:              pulumi.String("<SP_KEY>"),
            UidField:           pulumi.String("<UID_FIELD>"),
            UserNameField:      pulumi.String("<USER_NAME_FIELD>"),
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_rancher2 as rancher2

# Create a new rancher2 Auth Config KeyCloak
keycloak = rancher2.AuthConfigKeycloak("keycloak",
    display_name_field="<DISPLAY_NAME_FIELD>",
    groups_field="<GROUPS_FIELD>",
    idp_metadata_content="<IDP_METADATA_CONTENT>",
    rancher_api_host="https://<RANCHER_API_HOST>",
    sp_cert="<SP_CERT>",
    sp_key="<SP_KEY>",
    uid_field="<UID_FIELD>",
    user_name_field="<USER_NAME_FIELD>")
import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";

// Create a new rancher2 Auth Config KeyCloak
const keycloak = new rancher2.AuthConfigKeycloak("keycloak", {
    displayNameField: "<DISPLAY_NAME_FIELD>",
    groupsField: "<GROUPS_FIELD>",
    idpMetadataContent: "<IDP_METADATA_CONTENT>",
    rancherApiHost: "https://<RANCHER_API_HOST>",
    spCert: "<SP_CERT>",
    spKey: "<SP_KEY>",
    uidField: "<UID_FIELD>",
    userNameField: "<USER_NAME_FIELD>",
});

Create a AuthConfigKeycloak Resource

new AuthConfigKeycloak(name: string, args: AuthConfigKeycloakArgs, opts?: CustomResourceOptions);
def AuthConfigKeycloak(resource_name: str, opts: Optional[ResourceOptions] = None, access_mode: Optional[str] = None, allowed_principal_ids: Optional[Sequence[str]] = None, annotations: Optional[Mapping[str, Any]] = None, display_name_field: Optional[str] = None, enabled: Optional[bool] = None, groups_field: Optional[str] = None, idp_metadata_content: Optional[str] = None, labels: Optional[Mapping[str, Any]] = None, rancher_api_host: Optional[str] = None, sp_cert: Optional[str] = None, sp_key: Optional[str] = None, uid_field: Optional[str] = None, user_name_field: Optional[str] = None)
func NewAuthConfigKeycloak(ctx *Context, name string, args AuthConfigKeycloakArgs, opts ...ResourceOption) (*AuthConfigKeycloak, error)
public AuthConfigKeycloak(string name, AuthConfigKeycloakArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AuthConfigKeycloakArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

AuthConfigKeycloak Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The AuthConfigKeycloak resource accepts the following input properties:

DisplayNameField string

KeyCloak display name field (string)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

Enabled bool

Enable auth config provider. Default true (bool)

Labels Dictionary<string, object>

Labels of the resource (map)

DisplayNameField string

KeyCloak display name field (string)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

Enabled bool

Enable auth config provider. Default true (bool)

Labels map[string]interface{}

Labels of the resource (map)

displayNameField string

KeyCloak display name field (string)

groupsField string

KeyCloak group field (string)

idpMetadataContent string

KeyCloak IDP metadata content (string)

rancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert string

KeyCloak SP cert (string)

spKey string

KeyCloak SP key (string)

uidField string

KeyCloak UID field (string)

userNameField string

KeyCloak user name field (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

enabled boolean

Enable auth config provider. Default true (bool)

labels {[key: string]: any}

Labels of the resource (map)

display_name_field str

KeyCloak display name field (string)

groups_field str

KeyCloak group field (string)

idp_metadata_content str

KeyCloak IDP metadata content (string)

rancher_api_host str

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert str

KeyCloak SP cert (string)

sp_key str

KeyCloak SP key (string)

uid_field str

KeyCloak UID field (string)

user_name_field str

KeyCloak user name field (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

enabled bool

Enable auth config provider. Default true (bool)

labels Mapping[str, Any]

Labels of the resource (map)

Outputs

All input properties are implicitly available as output properties. Additionally, the AuthConfigKeycloak resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

Id string
The provider-assigned unique ID for this managed resource.
Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

id string
The provider-assigned unique ID for this managed resource.
name string

(Computed) The name of the resource (string)

type string

(Computed) The type of the resource (string)

id str
The provider-assigned unique ID for this managed resource.
name str

(Computed) The name of the resource (string)

type str

(Computed) The type of the resource (string)

Look up an Existing AuthConfigKeycloak Resource

Get an existing AuthConfigKeycloak resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AuthConfigKeycloakState, opts?: CustomResourceOptions): AuthConfigKeycloak
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, access_mode: Optional[str] = None, allowed_principal_ids: Optional[Sequence[str]] = None, annotations: Optional[Mapping[str, Any]] = None, display_name_field: Optional[str] = None, enabled: Optional[bool] = None, groups_field: Optional[str] = None, idp_metadata_content: Optional[str] = None, labels: Optional[Mapping[str, Any]] = None, name: Optional[str] = None, rancher_api_host: Optional[str] = None, sp_cert: Optional[str] = None, sp_key: Optional[str] = None, type: Optional[str] = None, uid_field: Optional[str] = None, user_name_field: Optional[str] = None) -> AuthConfigKeycloak
func GetAuthConfigKeycloak(ctx *Context, name string, id IDInput, state *AuthConfigKeycloakState, opts ...ResourceOption) (*AuthConfigKeycloak, error)
public static AuthConfigKeycloak Get(string name, Input<string> id, AuthConfigKeycloakState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

DisplayNameField string

KeyCloak display name field (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

Labels Dictionary<string, object>

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

Type string

(Computed) The type of the resource (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

DisplayNameField string

KeyCloak display name field (string)

Enabled bool

Enable auth config provider. Default true (bool)

GroupsField string

KeyCloak group field (string)

IdpMetadataContent string

KeyCloak IDP metadata content (string)

Labels map[string]interface{}

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

RancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

SpCert string

KeyCloak SP cert (string)

SpKey string

KeyCloak SP key (string)

Type string

(Computed) The type of the resource (string)

UidField string

KeyCloak UID field (string)

UserNameField string

KeyCloak user name field (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

displayNameField string

KeyCloak display name field (string)

enabled boolean

Enable auth config provider. Default true (bool)

groupsField string

KeyCloak group field (string)

idpMetadataContent string

KeyCloak IDP metadata content (string)

labels {[key: string]: any}

Labels of the resource (map)

name string

(Computed) The name of the resource (string)

rancherApiHost string

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

spCert string

KeyCloak SP cert (string)

spKey string

KeyCloak SP key (string)

type string

(Computed) The type of the resource (string)

uidField string

KeyCloak UID field (string)

userNameField string

KeyCloak user name field (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

display_name_field str

KeyCloak display name field (string)

enabled bool

Enable auth config provider. Default true (bool)

groups_field str

KeyCloak group field (string)

idp_metadata_content str

KeyCloak IDP metadata content (string)

labels Mapping[str, Any]

Labels of the resource (map)

name str

(Computed) The name of the resource (string)

rancher_api_host str

Rancher URL. URL scheme needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert str

KeyCloak SP cert (string)

sp_key str

KeyCloak SP key (string)

type str

(Computed) The type of the resource (string)

uid_field str

KeyCloak UID field (string)

user_name_field str

KeyCloak user name field (string)

Package Details

Repository
https://github.com/pulumi/pulumi-rancher2
License
Apache-2.0
Notes
This Pulumi package is based on the rancher2 Terraform Provider.