
AuthConfigOpenLdap

Provides a Rancher v2 Auth Config OpenLdap resource. This can be used to configure and enable Auth Config OpenLdap for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Create an AuthConfigOpenLdap Resource

new AuthConfigOpenLdap(name: string, args: AuthConfigOpenLdapArgs, opts?: CustomResourceOptions);
def AuthConfigOpenLdap(resource_name: str, opts: Optional[ResourceOptions] = None, access_mode: Optional[str] = None, allowed_principal_ids: Optional[Sequence[str]] = None, annotations: Optional[Mapping[str, Any]] = None, certificate: Optional[str] = None, connection_timeout: Optional[int] = None, enabled: Optional[bool] = None, group_dn_attribute: Optional[str] = None, group_member_mapping_attribute: Optional[str] = None, group_member_user_attribute: Optional[str] = None, group_name_attribute: Optional[str] = None, group_object_class: Optional[str] = None, group_search_attribute: Optional[str] = None, group_search_base: Optional[str] = None, labels: Optional[Mapping[str, Any]] = None, nested_group_membership_enabled: Optional[bool] = None, port: Optional[int] = None, servers: Optional[Sequence[str]] = None, service_account_distinguished_name: Optional[str] = None, service_account_password: Optional[str] = None, test_password: Optional[str] = None, test_username: Optional[str] = None, tls: Optional[bool] = None, user_disabled_bit_mask: Optional[int] = None, user_enabled_attribute: Optional[str] = None, user_login_attribute: Optional[str] = None, user_member_attribute: Optional[str] = None, user_name_attribute: Optional[str] = None, user_object_class: Optional[str] = None, user_search_attribute: Optional[str] = None, user_search_base: Optional[str] = None)
func NewAuthConfigOpenLdap(ctx *Context, name string, args AuthConfigOpenLdapArgs, opts ...ResourceOption) (*AuthConfigOpenLdap, error)
public AuthConfigOpenLdap(string name, AuthConfigOpenLdapArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args AuthConfigOpenLdapArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AuthConfigOpenLdapArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AuthConfigOpenLdapArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

AuthConfigOpenLdap Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The AuthConfigOpenLdap resource accepts the following input properties:

Servers List<string>

OpenLdap servers list (list)

ServiceAccountDistinguishedName string

Service account DN used to access the OpenLdap service (string)

ServiceAccountPassword string

Service account password used to access the OpenLdap service (string)

TestPassword string

Password for test access to OpenLdap service (string)

TestUsername string

Username for test access to OpenLdap service (string)

UserSearchBase string

User search base DN (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

Certificate string

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

ConnectionTimeout int

OpenLdap connection timeout. Default 5000 (int)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default entryDN (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default entryDN (string)

GroupNameAttribute string

Group name attribute. Default cn (string)

GroupObjectClass string

Group object class. Default groupOfNames (string)

GroupSearchAttribute string

Group search attribute. Default cn (string)

GroupSearchBase string

Group search base (string)

Labels Dictionary<string, object>

Labels of the resource (map)

NestedGroupMembershipEnabled bool

Enable nested group membership. Default false (bool)

Port int

OpenLdap port. Default 389 (int)

Tls bool

Enable TLS connection (bool)

UserDisabledBitMask int

User disabled bit mask (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default uid (string)

UserMemberAttribute string

User member attribute. Default memberOf (string)

UserNameAttribute string

User name attribute. Default givenName (string)

UserObjectClass string

User object class. Default inetorgperson (string)

UserSearchAttribute string

User search attribute. Default uid|sn|givenName (string)

Servers []string

OpenLdap servers list (list)

ServiceAccountDistinguishedName string

Service account DN used to access the OpenLdap service (string)

ServiceAccountPassword string

Service account password used to access the OpenLdap service (string)

TestPassword string

Password for test access to OpenLdap service (string)

TestUsername string

Username for test access to OpenLdap service (string)

UserSearchBase string

User search base DN (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

Certificate string

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

ConnectionTimeout int

OpenLdap connection timeout. Default 5000 (int)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default entryDN (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default entryDN (string)

GroupNameAttribute string

Group name attribute. Default cn (string)

GroupObjectClass string

Group object class. Default groupOfNames (string)

GroupSearchAttribute string

Group search attribute. Default cn (string)

GroupSearchBase string

Group search base (string)

Labels map[string]interface{}

Labels of the resource (map)

NestedGroupMembershipEnabled bool

Enable nested group membership. Default false (bool)

Port int

OpenLdap port. Default 389 (int)

Tls bool

Enable TLS connection (bool)

UserDisabledBitMask int

User disabled bit mask (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default uid (string)

UserMemberAttribute string

User member attribute. Default memberOf (string)

UserNameAttribute string

User name attribute. Default givenName (string)

UserObjectClass string

User object class. Default inetorgperson (string)

UserSearchAttribute string

User search attribute. Default uid|sn|givenName (string)

servers string[]

OpenLdap servers list (list)

serviceAccountDistinguishedName string

Service account DN used to access the OpenLdap service (string)

serviceAccountPassword string

Service account password used to access the OpenLdap service (string)

testPassword string

Password for test access to OpenLdap service (string)

testUsername string

Username for test access to OpenLdap service (string)

userSearchBase string

User search base DN (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

certificate string

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

connectionTimeout number

OpenLdap connection timeout. Default 5000 (int)

enabled boolean

Enable auth config provider. Default true (bool)

groupDnAttribute string

Group DN attribute. Default entryDN (string)

groupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

groupMemberUserAttribute string

Group member user attribute. Default entryDN (string)

groupNameAttribute string

Group name attribute. Default cn (string)

groupObjectClass string

Group object class. Default groupOfNames (string)

groupSearchAttribute string

Group search attribute. Default cn (string)

groupSearchBase string

Group search base (string)

labels {[key: string]: any}

Labels of the resource (map)

nestedGroupMembershipEnabled boolean

Enable nested group membership. Default false (bool)

port number

OpenLdap port. Default 389 (int)

tls boolean

Enable TLS connection (bool)

userDisabledBitMask number

User disabled bit mask (int)

userEnabledAttribute string

User enable attribute (string)

userLoginAttribute string

User login attribute. Default uid (string)

userMemberAttribute string

User member attribute. Default memberOf (string)

userNameAttribute string

User name attribute. Default givenName (string)

userObjectClass string

User object class. Default inetorgperson (string)

userSearchAttribute string

User search attribute. Default uid|sn|givenName (string)

servers Sequence[str]

OpenLdap servers list (list)

service_account_distinguished_name str

Service account DN used to access the OpenLdap service (string)

service_account_password str

Service account password used to access the OpenLdap service (string)

test_password str

Password for test access to OpenLdap service (string)

test_username str

Username for test access to OpenLdap service (string)

user_search_base str

User search base DN (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

certificate str

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

connection_timeout int

OpenLdap connection timeout. Default 5000 (int)

enabled bool

Enable auth config provider. Default true (bool)

group_dn_attribute str

Group DN attribute. Default entryDN (string)

group_member_mapping_attribute str

Group member mapping attribute. Default member (string)

group_member_user_attribute str

Group member user attribute. Default entryDN (string)

group_name_attribute str

Group name attribute. Default cn (string)

group_object_class str

Group object class. Default groupOfNames (string)

group_search_attribute str

Group search attribute. Default cn (string)

group_search_base str

Group search base (string)

labels Mapping[str, Any]

Labels of the resource (map)

nested_group_membership_enabled bool

Enable nested group membership. Default false (bool)

port int

OpenLdap port. Default 389 (int)

tls bool

Enable TLS connection (bool)

user_disabled_bit_mask int

User disabled bit mask (int)

user_enabled_attribute str

User enable attribute (string)

user_login_attribute str

User login attribute. Default uid (string)

user_member_attribute str

User member attribute. Default memberOf (string)

user_name_attribute str

User name attribute. Default givenName (string)

user_object_class str

User object class. Default inetorgperson (string)

user_search_attribute str

User search attribute. Default uid|sn|givenName (string)
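
A pre-deployment check over the Python input names listed above, added here as an example (it is not part of the Pulumi or Rancher code). It enforces the documented access_mode values, the allowed_principal_ids requirement and ID format, and flags a connection without tls; the function name, the simplified DN pattern and the sample argument sets are assumptions constructed for illustration.

```python
import base64
import binascii
import re

ACCESS_MODES = {"required", "restricted", "unrestricted"}
# Principal ID shape from the page's example: openldap_user://<DN>, openldap_group://<DN>
PRINCIPAL_RE = re.compile(r"^openldap_(?:user|group)://(.+)$")
# Simplified DN shape (attr=value[,attr=value...]); an assumption, not a full RFC 4514 parser.
DN_RE = re.compile(r"^[A-Za-z][\w-]*=[^,]+(?:,[A-Za-z][\w-]*=[^,]+)*$")


def audit_openldap_args(args):
    """Return (severity, property, message) findings for one set of resource inputs."""
    findings = []
    mode = args.get("access_mode", "unrestricted")  # documented default
    principals = args.get("allowed_principal_ids") or []

    if mode not in ACCESS_MODES:
        findings.append(("error", "access_mode", f"unsupported value {mode!r}"))
    elif mode == "unrestricted":
        findings.append(("warn", "access_mode",
                         "unrestricted: logins are not limited to an allow-list"))
    elif not principals:
        findings.append(("error", "allowed_principal_ids",
                         f"required when access_mode is {mode!r}"))

    for pid in principals:
        m = PRINCIPAL_RE.match(pid)
        if not m or not DN_RE.match(m.group(1)):
            findings.append(("error", "allowed_principal_ids",
                             f"{pid!r} is not openldap_user://<DN> or openldap_group://<DN>"))

    for key in ("service_account_distinguished_name", "user_search_base", "group_search_base"):
        value = args.get(key)
        if value is not None and not DN_RE.match(value):
            findings.append(("error", key, f"{value!r} does not look like a DN"))

    if args.get("tls") is not True:
        findings.append(("warn", "tls",
                         "not enabled: bind and login passwords reach the directory unencrypted"))

    cert = args.get("certificate")
    if cert is not None:
        try:
            base64.b64decode(cert, validate=True)  # the input must be base64, not raw PEM
        except (binascii.Error, ValueError):
            findings.append(("error", "certificate", "value is not valid base64"))

    return findings


# Constructed sample inputs (hosts, DNs and secrets are placeholders).
WEAK = {
    "servers": ["ldap.example.org"],
    "service_account_distinguished_name": "cn=rancher,ou=svc,dc=example,dc=org",
    "service_account_password": "<from-secret-store>",
    "user_search_base": "ou=people,dc=example,dc=org",
    "access_mode": "restricted",                   # but no allowed_principal_ids
    "certificate": "-----BEGIN CERTIFICATE-----",  # raw PEM text instead of base64
}
HARDENED = dict(
    WEAK,
    tls=True,
    allowed_principal_ids=["openldap_group://cn=rancher-admins,ou=groups,dc=example,dc=org"],
    certificate=base64.b64encode(b"-----BEGIN CERTIFICATE-----\n(constructed)\n").decode(),
)

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_openldap_args(sample) or "no findings")
```
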

Outputs

All input properties are implicitly available as output properties. Additionally, the AuthConfigOpenLdap resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

Id string
The provider-assigned unique ID for this managed resource.
Name string

(Computed) The name of the resource (string)

Type string

(Computed) The type of the resource (string)

id string
The provider-assigned unique ID for this managed resource.
name string

(Computed) The name of the resource (string)

type string

(Computed) The type of the resource (string)

id str
The provider-assigned unique ID for this managed resource.
name str

(Computed) The name of the resource (string)

type str

(Computed) The type of the resource (string)

Look up an Existing AuthConfigOpenLdap Resource

Get an existing AuthConfigOpenLdap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AuthConfigOpenLdapState, opts?: CustomResourceOptions): AuthConfigOpenLdap
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, access_mode: Optional[str] = None, allowed_principal_ids: Optional[Sequence[str]] = None, annotations: Optional[Mapping[str, Any]] = None, certificate: Optional[str] = None, connection_timeout: Optional[int] = None, enabled: Optional[bool] = None, group_dn_attribute: Optional[str] = None, group_member_mapping_attribute: Optional[str] = None, group_member_user_attribute: Optional[str] = None, group_name_attribute: Optional[str] = None, group_object_class: Optional[str] = None, group_search_attribute: Optional[str] = None, group_search_base: Optional[str] = None, labels: Optional[Mapping[str, Any]] = None, name: Optional[str] = None, nested_group_membership_enabled: Optional[bool] = None, port: Optional[int] = None, servers: Optional[Sequence[str]] = None, service_account_distinguished_name: Optional[str] = None, service_account_password: Optional[str] = None, test_password: Optional[str] = None, test_username: Optional[str] = None, tls: Optional[bool] = None, type: Optional[str] = None, user_disabled_bit_mask: Optional[int] = None, user_enabled_attribute: Optional[str] = None, user_login_attribute: Optional[str] = None, user_member_attribute: Optional[str] = None, user_name_attribute: Optional[str] = None, user_object_class: Optional[str] = None, user_search_attribute: Optional[str] = None, user_search_base: Optional[str] = None) -> AuthConfigOpenLdap
func GetAuthConfigOpenLdap(ctx *Context, name string, id IDInput, state *AuthConfigOpenLdapState, opts ...ResourceOption) (*AuthConfigOpenLdap, error)
public static AuthConfigOpenLdap Get(string name, Input<string> id, AuthConfigOpenLdapState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds List<string>

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

Annotations Dictionary<string, object>

Annotations of the resource (map)

Certificate string

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

ConnectionTimeout int

OpenLdap connection timeout. Default 5000 (int)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default entryDN (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default entryDN (string)

GroupNameAttribute string

Group name attribute. Default cn (string)

GroupObjectClass string

Group object class. Default groupOfNames (string)

GroupSearchAttribute string

Group search attribute. Default cn (string)

GroupSearchBase string

Group search base (string)

Labels Dictionary<string, object>

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

NestedGroupMembershipEnabled bool

Enable nested group membership. Default false (bool)

Port int

OpenLdap port. Default 389 (int)

Servers List<string>

OpenLdap servers list (list)

ServiceAccountDistinguishedName string

Service account DN used to access the OpenLdap service (string)

ServiceAccountPassword string

Service account password used to access the OpenLdap service (string)

TestPassword string

Password for test access to OpenLdap service (string)

TestUsername string

Username for test access to OpenLdap service (string)

Tls bool

Enable TLS connection (bool)

Type string

(Computed) The type of the resource (string)

UserDisabledBitMask int

User disabled bit mask (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default uid (string)

UserMemberAttribute string

User member attribute. Default memberOf (string)

UserNameAttribute string

User name attribute. Default givenName (string)

UserObjectClass string

User object class. Default inetorgperson (string)

UserSearchAttribute string

User search attribute. Default uid|sn|givenName (string)

UserSearchBase string

User search base DN (string)

AccessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

AllowedPrincipalIds []string

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

Annotations map[string]interface{}

Annotations of the resource (map)

Certificate string

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

ConnectionTimeout int

OpenLdap connection timeout. Default 5000 (int)

Enabled bool

Enable auth config provider. Default true (bool)

GroupDnAttribute string

Group DN attribute. Default entryDN (string)

GroupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

GroupMemberUserAttribute string

Group member user attribute. Default entryDN (string)

GroupNameAttribute string

Group name attribute. Default cn (string)

GroupObjectClass string

Group object class. Default groupOfNames (string)

GroupSearchAttribute string

Group search attribute. Default cn (string)

GroupSearchBase string

Group search base (string)

Labels map[string]interface{}

Labels of the resource (map)

Name string

(Computed) The name of the resource (string)

NestedGroupMembershipEnabled bool

Enable nested group membership. Default false (bool)

Port int

OpenLdap port. Default 389 (int)

Servers []string

OpenLdap servers list (list)

ServiceAccountDistinguishedName string

Service account DN used to access the OpenLdap service (string)

ServiceAccountPassword string

Service account password used to access the OpenLdap service (string)

TestPassword string

Password for test access to OpenLdap service (string)

TestUsername string

Username for test access to OpenLdap service (string)

Tls bool

Enable TLS connection (bool)

Type string

(Computed) The type of the resource (string)

UserDisabledBitMask int

User disabled bit mask (int)

UserEnabledAttribute string

User enable attribute (string)

UserLoginAttribute string

User login attribute. Default uid (string)

UserMemberAttribute string

User member attribute. Default memberOf (string)

UserNameAttribute string

User name attribute. Default givenName (string)

UserObjectClass string

User object class. Default inetorgperson (string)

UserSearchAttribute string

User search attribute. Default uid|sn|givenName (string)

UserSearchBase string

User search base DN (string)

accessMode string

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowedPrincipalIds string[]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

annotations {[key: string]: any}

Annotations of the resource (map)

certificate string

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

connectionTimeout number

OpenLdap connection timeout. Default 5000 (int)

enabled boolean

Enable auth config provider. Default true (bool)

groupDnAttribute string

Group DN attribute. Default entryDN (string)

groupMemberMappingAttribute string

Group member mapping attribute. Default member (string)

groupMemberUserAttribute string

Group member user attribute. Default entryDN (string)

groupNameAttribute string

Group name attribute. Default cn (string)

groupObjectClass string

Group object class. Default groupOfNames (string)

groupSearchAttribute string

Group search attribute. Default cn (string)

groupSearchBase string

Group search base (string)

labels {[key: string]: any}

Labels of the resource (map)

name string

(Computed) The name of the resource (string)

nestedGroupMembershipEnabled boolean

Enable nested group membership. Default false (bool)

port number

OpenLdap port. Default 389 (int)

servers string[]

OpenLdap servers list (list)

serviceAccountDistinguishedName string

Service account DN used to access the OpenLdap service (string)

serviceAccountPassword string

Service account password used to access the OpenLdap service (string)

testPassword string

Password for test access to OpenLdap service (string)

testUsername string

Username for test access to OpenLdap service (string)

tls boolean

Enable TLS connection (bool)

type string

(Computed) The type of the resource (string)

userDisabledBitMask number

User disabled bit mask (int)

userEnabledAttribute string

User enable attribute (string)

userLoginAttribute string

User login attribute. Default uid (string)

userMemberAttribute string

User member attribute. Default memberOf (string)

userNameAttribute string

User name attribute. Default givenName (string)

userObjectClass string

User object class. Default inetorgperson (string)

userSearchAttribute string

User search attribute. Default uid|sn|givenName (string)

userSearchBase string

User search base DN (string)

access_mode str

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids Sequence[str]

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

annotations Mapping[str, Any]

Annotations of the resource (map)

certificate str

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

connection_timeout int

OpenLdap connection timeout. Default 5000 (int)

enabled bool

Enable auth config provider. Default true (bool)

group_dn_attribute str

Group DN attribute. Default entryDN (string)

group_member_mapping_attribute str

Group member mapping attribute. Default member (string)

group_member_user_attribute str

Group member user attribute. Default entryDN (string)

group_name_attribute str

Group name attribute. Default cn (string)

group_object_class str

Group object class. Default groupOfNames (string)

group_search_attribute str

Group search attribute. Default cn (string)

group_search_base str

Group search base (string)

labels Mapping[str, Any]

Labels of the resource (map)

name str

(Computed) The name of the resource (string)

nested_group_membership_enabled bool

Enable nested group membership. Default false (bool)

port int

OpenLdap port. Default 389 (int)

servers Sequence[str]

OpenLdap servers list (list)

service_account_distinguished_name str

Service account DN used to access the OpenLdap service (string)

service_account_password str

Service account password used to access the OpenLdap service (string)

test_password str

Password for test access to OpenLdap service (string)

test_username str

Username for test access to OpenLdap service (string)

tls bool

Enable TLS connection (bool)

type str

(Computed) The type of the resource (string)

user_disabled_bit_mask int

User disabled bit mask (int)

user_enabled_attribute str

User enable attribute (string)

user_login_attribute str

User login attribute. Default uid (string)

user_member_attribute str

User member attribute. Default memberOf (string)

user_name_attribute str

User name attribute. Default givenName (string)

user_object_class str

User object class. Default inetorgperson (string)

user_search_attribute str

User search attribute. Default uid|sn|givenName (string)

user_search_base str

User search base DN (string)

Package Details

Repository
https://github.com/pulumi/pulumi-rancher2
License
Apache-2.0
Notes
This Pulumi package is based on the rancher2 Terraform Provider.